比赛地址:DiceCTF 2025 Quals 比赛时间:29 Mar 2025 05:00 CST - 31 Mar 2025 05:00 CST 复现的题目用🔁标注 Misc bcu-binding Challenge misc/bcu-binding hgarrereyn Comrades, we found this old manual in our basement. Can you see if there’s anything interesting about it? Downloads cpu_documentation.pdf Solution 一搜 flag 就找到在这里了 1dice{r3ad1ng_th4_d0cs_71ccd} dicecap Challenge Solution 搜索 flag 找到这条流量里有个压缩包 导出后打开发现是经过加密的 经尝试发现不是伪加密,继续分析流量 发现这里正在传输一个 Linux 的可执行文件 用 IDA 打开发现是一个用来生成密码的程序 12345678910v1 = time(0LL); // ...
比赛地址:SwampCTF 2025 比赛时间:29 Mar 2025 05:00 CST - 31 Mar 2025 05:00 CST 复现的题目用🔁标注 Misc Pretty Picture: Double Exposure Challenge Pretty Picture: Double Exposure Hidden in the bits below, an image wait’s to be shown. Solution 用 StegSolve 打开翻几下就看到了 1swampCTF{m3ss4g3s_0r_c0de_c4n_b3_h1dd3n_1n_1m4g3s} OSINT Party Time! Challenge Party Time! By: lyngo This party house is known for its 3AM outings, but you’ve gotta work for the location if you want to come! Enter the GPS coordinates of the loca ...
比赛地址:TAMUctf 比赛时间:29 Mar 2025 06:00 CST - 31 Mar 2025 06:00 CST 复现的题目用🔁标注 Start here! Howdy World Challenge Howdy World Welcome to TAMUctf 2025! Please enter the flag from tamuctf.com to prove that you are a real person 😃 The flag format is gigem{.*} unless otherwise specified Solution 签到题 1gigem{welcome!} Forensics Challenge Deflated Author: flocto I heard ZipCrypto Store has a vulnerability, so I’ve used ZipCrypto Deflate instead. Can you still get the flag? Notes Flag matches regex g ...
比赛地址:CodeVinciCTF 比赛时间:29 Mar 2025 21:00 CST - 30 Mar 2025 21:00 CST 复现的题目用🔁标注 Intro Sanity Check Challenge Sanity Check misc I’m in a hurry, I’ll leave you the message in the attachments… 1Welcome to CodeVinci Beginner CTF 2025. The ...
比赛地址:SillyCTF 比赛时间:29 Mar 2025 20:00 CST - 30 Mar 2025 08:00 CST 复现的题目用🔁标注 Ice Spice Munch Music Challenge Munch Music Misc Easy Ice Spices new single got edited! Cleotrapa (Her opp) probably did it. Find the flag in the music. Solution 1sillyCTF{I-L0Ve-iC3-Spic3} You Thought I Was Feeling U? Challenge You Thought I Was Feeling U? Crypto Easy Ice Spice encoded her diary using her own langauge called Icespician. Crack the code to find out her secret. https://shorturl.at/0fHhZ Unlock Hint f ...
比赛地址:WolvCTF 2025 比赛时间:22 Mar 2025 07:00 CST - 24 Mar 2025 07:00 CST 复现的题目用🔁标注 Beginner PicturePerfect - Forensics Challenge PicturePerfect - Forensics Author: carmengh Wow what a respectful, happy looking lad! Hmmmmmmm, all I see is a snowman… maybe some details from the image file itself will lead us to the flag. Unlock Hint for 0 pointsImages have interesting information in their metadata! Solution 直接看元信息即可 123456789101112131415161718192021222324252627282930exiftool-13.25_64>exiftool ...
比赛地址:Cyber Apocalypse CTF 2025: Tales from Eldoria 比赛时间:21 Mar 2025 21:00 CST - 26 Mar 2025 20:59 CST 复现的题目用🔁标注 OSINT The Ancient Citadel Challenge The Ancient Citadel Deep in her sanctum beneath Eldoria’s streets, Nyla arranges seven crystalline orbs in a perfect circle. Each contains a different vision of stone battlements and weathered walls—possible matches for the mysterious fortress the Queen seeks in the southern kingdoms of Chile. The image in her central crystal pulses with ancient ...
比赛地址:2025 数字中国创新大赛数字安全赛道时空数据安全赛题暨三明市第五届 “红明谷” 杯大赛初赛 比赛时间:22 Mar 2025 10:00 CST - 22 Mar 2025 15:00 CST 复现的题目用🔁标注 Misc 异常行为溯源 Challenge 异常行为溯源 题目内容: 某企业网络安全部门人员正在对企业网络资产受到的攻击行为进行溯源分析,该工作人员发现攻击者删除了一段时间内的访问日志数据,但是攻击者曾传输过已被删除的访问日志数据并且被流量监控设备捕获,工作人员对流量数据进行了初步过滤并提取出了相应数据包。已知该攻击者在开始时曾尝试低密度的攻击,发现未被相关安全人员及时发现后进行了连续多日的攻击,请协助企业排查并定位攻击者 IP,flag 格式为:flag 附件下载 提取码(GAME)备用下载 Solution 附件是一个流量包 network_traffic.pcap,先用 wireshark 打开分析一下 发现所有流量包的 Data 都有这样的 Base64 数据 进一步分析发现这里面有一段 Json 数据,并且还包含了一段 Base64 数据, ...
比赛地址:PascalCTF 比赛时间:19 Mar 2025 23:00 CST - 20 Mar 2025 04:00 CST 复现的题目用🔁标注 Misc Base N’ Hex Challenge Base N’ Hex AlBovo I encrypted the flag but I don’t remember in what order. Can you help me? 12345678910111213141516171819# basenhex.pyfrom base64 import b64encodeimport random, osFLAG = os.getenv("FLAG").encode()assert FLAG.startswith(b"pascalCTF{")assert FLAG.endswith(b"}")def encode(input_string): if random.randint(0, 1) == 0: return b64encode(input_string) else: re ...
比赛地点:UTCTF 2025 比赛时间:15 Mar 2025 07:00 CST - 17 Mar 2025 07:00 CST 复现的题目用🔁标注 Misc Trapped in Plain Sight 1 可以看到 flag.txt 的文件权限为 -r-x------ 先运行 find / -perm -4000 -type f 2>/dev/null 查找具有 SUID 权限的文件 在这里找到了 xxd xxd 主要用于将文件内容以十六进制和 ASCII 的形式显示出来。它通常用于调试、分析二进制文件或查看文件的原始数据。 因此这里直接使用 xxd flag.txt 就可以查看这个文档里的内容了 🔁 Trapped in Plain Sight 2 ls -lah 发现文件的权限是 ----r-----+ 这里的 + 表示该文件或目录启用了访问控制列表(ACL, Access Control List) 。这意味着除了标准的文件权限外,还有一些额外的权限设置。 getfacl flag.txt 查看文件的 ACL 配置,发现用户 secretuser ...
