├── .gitignore ├── README.md └── tctf2018_finals ├── README.MD ├── docker-compose.yml └── report.sql /.gitignore: -------------------------------------------------------------------------------- 1 | 2 | # Created by https://www.gitignore.io/api/macOS 3 | 4 | ### macOS ### 5 | *.DS_Store 6 | .AppleDouble 7 | .LSOverride 8 | 9 | # Icon must end with two \r 10 | Icon 11 | 12 | # Thumbnails 13 | ._* 14 | 15 | # Files that might appear in the root of a volume 16 | .DocumentRevisions-V100 17 | .fseventsd 18 | .Spotlight-V100 19 | .TemporaryItems 20 | .Trashes 21 | .VolumeIcon.icns 22 | .com.apple.timemachine.donotpresent 23 | 24 | # Directories potentially created on remote AFP share 25 | .AppleDB 26 | .AppleDesktop 27 | Network Trash Folder 28 | Temporary Items 29 | .apdisk 30 | 31 | 32 | # End of https://www.gitignore.io/api/macOS 33 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | 2 | # My CTF Challenges 3 | 4 | |CTF| Name | Language | Summary | Level | 5 | |---| --- | --- | --- | --- | 6 | |TCTF2018_finals| show me the shell | Java | Spring autobind /Deserialize | medium 7 | 8 | 9 | -------------------------------------------------------------------------------- /tctf2018_finals/README.MD: -------------------------------------------------------------------------------- 1 | # Build Environment 2 | 3 | ``` 4 | docker-compose build 5 | docker-compose up -d 6 | ``` 7 | 8 | 9 | # WriteUp 10 | 11 | -------------------------------------------------------------------------------- /tctf2018_finals/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '2' 2 | services: 3 | web: 4 | image: tom4to/tctf2018_web 5 | depends_on: 6 | - mysql 7 | ports: 8 | - "8080:8080" 9 | networks: 10 | vpcbr: 11 | ipv4_address: 10.5.0.5 12 | 13 | mysql: 14 | image: mysql:5 15 | environment: 16 | - MYSQL_ROOT_PASSWORD=123456 17 | - MYSQL_DATABASE=report 18 | volumes: 19 | - ./report.sql:/docker-entrypoint-initdb.d/report.sql 20 | networks: 21 | vpcbr: 22 | ipv4_address: 10.5.0.6 23 | 24 | networks: 25 | vpcbr: 26 | driver: bridge 27 | ipam: 28 | config: 29 | - subnet: 10.5.0.0/16 30 | gateway: 10.5.0.1 -------------------------------------------------------------------------------- /tctf2018_finals/report.sql: -------------------------------------------------------------------------------- 1 | /* 2 | Navicat Premium Data Transfer 3 | 4 | Source Server : docker 5 | Source Server Type : MySQL 6 | Source Server Version : 50559 7 | Source Host : 127.0.0.1 8 | Source Database : report 9 | 10 | Target Server Type : MySQL 11 | Target Server Version : 50559 12 | File Encoding : utf-8 13 | 14 | Date: 05/09/2018 14:53:10 PM 15 | */ 16 | USE `report`; 17 | grant SELECT,INSERT,UPDATE on report.* to report@"%" identified by "123456"; 18 | flush privileges; 19 | SET NAMES utf8; 20 | SET FOREIGN_KEY_CHECKS = 0; 21 | 22 | -- ---------------------------- 23 | -- Table structure for `post` 24 | -- ---------------------------- 25 | DROP TABLE IF EXISTS `post`; 26 | CREATE TABLE `post` ( 27 | `pid` int(11) NOT NULL AUTO_INCREMENT, 28 | `uid` int(11) DEFAULT NULL, 29 | `title` varchar(255) DEFAULT NULL, 30 | `content` varchar(255) DEFAULT NULL, 31 | `status` int(11) DEFAULT NULL, 32 | PRIMARY KEY (`pid`) 33 | ) ENGINE=MyISAM AUTO_INCREMENT=27 DEFAULT CHARSET=utf8; 34 | 35 | -- ---------------------------- 36 | -- Table structure for `user` 37 | -- ---------------------------- 38 | DROP TABLE IF EXISTS `user`; 39 | CREATE TABLE `user` ( 40 | `uid` int(11) NOT NULL AUTO_INCREMENT, 41 | `username` varchar(64) DEFAULT NULL, 42 | `password` varchar(128) DEFAULT NULL, 43 | `headurl` varchar(64) DEFAULT NULL, 44 | `isadmin` tinyint(1) DEFAULT NULL, 45 | PRIMARY KEY (`uid`) 46 | ) ENGINE=MyISAM AUTO_INCREMENT=11 DEFAULT CHARSET=utf8; 47 | 48 | 49 | INSERT INTO `user` (username,password,headurl,isadmin) VALUES ('report_admin','report_admin20182333aa','/headimg/default.jpg',1); 50 | 51 | 52 | SET FOREIGN_KEY_CHECKS = 1; 53 | --------------------------------------------------------------------------------