CSAW CTF(Web)

Note: This write-up doesn’t explain all steps; feel free to email me at peipei123gt@gmail.com if you are not sure how I got X. #BabyCSP: 1. Bad CSP rule: 2. Submit a post with the payload and report […]

Exploit CVE-2017-16088

CVE Detail (Link): The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, unsanitized user input can access the entire standard library and effectively break out of the sandbox. Background: On Mar 3, 2017, GitHub user “odino” opened a security issue in the safeEval GitHub repository and provided a one-line […]

Raymond James CTF

I went to Tampa, Florida last weekend to participate in the Raymond James CTF. My team got 3rd place with a $2500 award. The weather in Florida is so0O gO0od: 24 degrees C, meanwhile it’s like 3 degrees C in Baltimore. The team photo: My eyes were closed lol. The trophy: The coin from gam3z: The onsite CTF was 70% forensics, […]

picoctf CTF 2018 Flaskcards serial

picoCTF is a CTF hosted by CMU targeted at high school students, which is a great opportunity for beginners to improve their skills. I enjoy this CTF a lot. Not really a team, just me. This is the writeup for Flaskcards serial: “Flaskcards”, “Flaskcards Skeleton Key” and “Flaskcards and Freedom”. All three problems have […]

Apache Struts s2-057 POC and dynamic analysis

The details of the Apache Struts S2-057 vulnerability: https://nvd.nist.gov/vuln/detail/CVE-2018-11776 Ubuntu: 1. Set up the environment 1.1 System version: Ubuntu 14.04. 1.2 Install Apache Tomcat: sudo apt-get install tomcat7 sudo apt-get install tomcat7-docs tomcat7-admin tomcat7-examples sudo apt-get install default-jdk 1.3 Download the vulnerable Apache Struts from: https://archive.apache.org/dist/struts/2.3.34/ 1.4 Extract files from the Zip […]