├── File-Inclusion ├── XCTF-Final-2018-Bestphp │ ├── README.md │ ├── build │ ├── deploy │ │ ├── Dockerfile │ │ ├── default │ │ ├── src │ │ │ ├── admin.php │ │ │ ├── fsadgsdagsadgasd.php │ │ │ ├── function.php │ │ │ └── index.php │ │ └── start.sh │ ├── run │ └── writeup │ │ └── README.md └── hitcon-2018-one-line-php-challenge │ ├── README.md │ ├── build │ ├── deploy │ ├── Dockerfile │ ├── default │ ├── src │ │ └── index.php │ └── start.sh │ ├── run │ └── writeup │ ├── README.md │ └── img │ ├── decode.png │ ├── default.png │ └── session.png ├── RCE ├── hitcon-2015-babyfirst │ ├── README.md │ ├── build │ ├── deploy │ │ ├── Dockerfile │ │ ├── default │ │ ├── src │ │ │ └── index.php │ │ └── start.sh │ ├── run │ └── writeup │ │ ├── README.md │ │ └── img │ │ └── php_tar.png ├── hitcon-2017-babyfirst-revenge-v2 │ ├── README.md │ ├── build │ ├── deploy │ │ ├── Dockerfile │ │ ├── db.sql │ │ ├── default │ │ ├── src │ │ │ └── index.php │ │ └── start.sh │ ├── run │ └── writeup │ │ └── README.md └── hitcon-2017-babyfirst-revenge │ ├── README.md │ ├── build │ ├── deploy │ ├── Dockerfile │ ├── db.sql │ ├── default │ ├── src │ │ └── index.php │ └── start.sh │ ├── run │ └── writeup │ ├── README.md │ └── img │ └── shell.png ├── README.md ├── SSRF ├── 34c3-2017-extract0r │ ├── README.md │ ├── build │ ├── deploy │ │ ├── 000-default.conf │ │ ├── Dockerfile │ │ ├── db.sql │ │ ├── files │ │ │ └── create_a_backup_of_my_supersecret_flag.sh │ │ ├── mysqld.cnf │ │ ├── start.sh │ │ └── webroot │ │ │ ├── cyber_filter │ │ │ ├── files │ │ │ └── index.php │ │ │ ├── index.php │ │ │ └── url.php │ ├── run │ └── writeup │ │ ├── README.md │ │ ├── __init__.py │ │ ├── exploit.py │ │ ├── img │ │ ├── dir.png │ │ └── glob.png │ │ └── zip_tools.py └── n1ctf-2018-easy_harder_php │ ├── README.md │ ├── build │ ├── deploy │ ├── Dockerfile │ ├── clean_danger.sh │ ├── clear_db.sh │ ├── nu1lctf.tar.gz │ ├── run.sh │ └── sql.sql │ ├── run │ └── writeup │ ├── README.md │ └── img │ ├── burp.png │ ├── payload.png │ └── shell.png ├── Unserialization ├── hitcon-2016-babytrick │ ├── README.md │ ├── build │ ├── deploy │ │ ├── Dockerfile │ │ ├── db.sql │ │ ├── src │ │ │ ├── config.php │ │ │ └── index.php │ │ └── start.sh │ ├── run │ └── writeup │ │ └── README.md ├── hitcon-2017-baby^h-master-php │ ├── README.md │ ├── build │ ├── deploy │ │ ├── Dockerfile │ │ ├── default │ │ ├── src │ │ │ ├── index.php │ │ │ ├── read_flag │ │ │ └── read_secret │ │ └── start.sh │ ├── run │ └── writeup │ │ └── README.md ├── hitcon-2018-baby-cake │ ├── README.md │ ├── build │ ├── deploy │ │ ├── Dockerfile │ │ ├── default │ │ ├── src │ │ │ ├── baby_cake.tgz │ │ │ └── read_flag │ │ └── start.sh │ ├── run │ └── writeup │ │ ├── README.md │ │ └── img │ │ └── passwd.png └── lctf-2018-babyphp's-revenge │ ├── README.md │ ├── build │ ├── deploy │ ├── Dockerfile │ ├── default │ ├── src │ │ ├── flag.php │ │ └── index.php │ └── start.sh │ ├── run │ └── writeup │ ├── README.md │ └── img │ └── call_user_func.png └── XSS └── 34c3-2017-urlstorage ├── README.md ├── build ├── deploy ├── Dockerfile ├── app │ ├── .gitignore │ ├── manage.py │ └── urlstorage │ │ ├── __init__.py │ │ ├── fixtures │ │ └── admin.yaml │ │ ├── middleware.py │ │ ├── migrations │ │ ├── 0001_initial.py │ │ └── __init__.py │ │ ├── models.py │ │ ├── settings.py │ │ ├── static │ │ ├── css │ │ │ └── milligram.min.css │ │ └── pow.py │ │ ├── templates │ │ ├── base.html │ │ ├── contact.html │ │ ├── flag.html │ │ ├── index.html │ │ └── login.html │ │ ├── urls.py │ │ ├── views.py │ │ └── wsgi.py ├── db.sql ├── mysqld.cnf ├── nginx │ └── default ├── scripts │ ├── run_bot.py │ ├── run_bot.sh │ └── visit.js └── start.sh ├── run └── writeup ├── README.md ├── exploit.php ├── img ├── css.png └── rpo.png └── jquery.js /File-Inclusion/XCTF-Final-2018-Bestphp/README.md: -------------------------------------------------------------------------------- 1 | # 来源 2 | [session_start()&bestphp](https://www.anquanke.com/post/id/164569) -------------------------------------------------------------------------------- /File-Inclusion/XCTF-Final-2018-Bestphp/build: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | docker build -t="ctf/bestphp" ./deploy -------------------------------------------------------------------------------- /File-Inclusion/XCTF-Final-2018-Bestphp/deploy/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/File-Inclusion/XCTF-Final-2018-Bestphp/deploy/Dockerfile -------------------------------------------------------------------------------- /File-Inclusion/XCTF-Final-2018-Bestphp/deploy/default: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/File-Inclusion/XCTF-Final-2018-Bestphp/deploy/default -------------------------------------------------------------------------------- /File-Inclusion/XCTF-Final-2018-Bestphp/deploy/src/admin.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/File-Inclusion/XCTF-Final-2018-Bestphp/deploy/src/admin.php -------------------------------------------------------------------------------- /File-Inclusion/XCTF-Final-2018-Bestphp/deploy/src/fsadgsdagsadgasd.php: -------------------------------------------------------------------------------- 1 | //flag{best_H4cker_in_xctf} -------------------------------------------------------------------------------- /File-Inclusion/XCTF-Final-2018-Bestphp/deploy/src/function.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/File-Inclusion/XCTF-Final-2018-Bestphp/deploy/src/function.php -------------------------------------------------------------------------------- /File-Inclusion/XCTF-Final-2018-Bestphp/deploy/src/index.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/File-Inclusion/XCTF-Final-2018-Bestphp/deploy/src/index.php -------------------------------------------------------------------------------- /File-Inclusion/XCTF-Final-2018-Bestphp/deploy/start.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/File-Inclusion/XCTF-Final-2018-Bestphp/deploy/start.sh -------------------------------------------------------------------------------- /File-Inclusion/XCTF-Final-2018-Bestphp/run: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | docker run -d -p 8003:80 ctf/bestphp -------------------------------------------------------------------------------- /File-Inclusion/XCTF-Final-2018-Bestphp/writeup/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/File-Inclusion/XCTF-Final-2018-Bestphp/writeup/README.md -------------------------------------------------------------------------------- /File-Inclusion/hitcon-2018-one-line-php-challenge/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/File-Inclusion/hitcon-2018-one-line-php-challenge/README.md -------------------------------------------------------------------------------- /File-Inclusion/hitcon-2018-one-line-php-challenge/build: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | docker build -t="ctf/one-line-php" ./deploy -------------------------------------------------------------------------------- /File-Inclusion/hitcon-2018-one-line-php-challenge/deploy/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/File-Inclusion/hitcon-2018-one-line-php-challenge/deploy/Dockerfile -------------------------------------------------------------------------------- /File-Inclusion/hitcon-2018-one-line-php-challenge/deploy/default: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/File-Inclusion/hitcon-2018-one-line-php-challenge/deploy/default -------------------------------------------------------------------------------- /File-Inclusion/hitcon-2018-one-line-php-challenge/deploy/src/index.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/File-Inclusion/hitcon-2018-one-line-php-challenge/deploy/src/index.php -------------------------------------------------------------------------------- /File-Inclusion/hitcon-2018-one-line-php-challenge/deploy/start.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/File-Inclusion/hitcon-2018-one-line-php-challenge/deploy/start.sh -------------------------------------------------------------------------------- /File-Inclusion/hitcon-2018-one-line-php-challenge/run: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | docker run -d -p 8001:80 ctf/one-line-php -------------------------------------------------------------------------------- /File-Inclusion/hitcon-2018-one-line-php-challenge/writeup/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/File-Inclusion/hitcon-2018-one-line-php-challenge/writeup/README.md -------------------------------------------------------------------------------- /File-Inclusion/hitcon-2018-one-line-php-challenge/writeup/img/decode.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/File-Inclusion/hitcon-2018-one-line-php-challenge/writeup/img/decode.png -------------------------------------------------------------------------------- /File-Inclusion/hitcon-2018-one-line-php-challenge/writeup/img/default.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/File-Inclusion/hitcon-2018-one-line-php-challenge/writeup/img/default.png -------------------------------------------------------------------------------- /File-Inclusion/hitcon-2018-one-line-php-challenge/writeup/img/session.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/File-Inclusion/hitcon-2018-one-line-php-challenge/writeup/img/session.png -------------------------------------------------------------------------------- /RCE/hitcon-2015-babyfirst/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/RCE/hitcon-2015-babyfirst/README.md -------------------------------------------------------------------------------- /RCE/hitcon-2015-babyfirst/build: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | docker build -t="ctf/babyfirst" ./deploy -------------------------------------------------------------------------------- /RCE/hitcon-2015-babyfirst/deploy/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/RCE/hitcon-2015-babyfirst/deploy/Dockerfile -------------------------------------------------------------------------------- /RCE/hitcon-2015-babyfirst/deploy/default: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/RCE/hitcon-2015-babyfirst/deploy/default -------------------------------------------------------------------------------- /RCE/hitcon-2015-babyfirst/deploy/src/index.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/RCE/hitcon-2015-babyfirst/deploy/src/index.php -------------------------------------------------------------------------------- /RCE/hitcon-2015-babyfirst/deploy/start.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/RCE/hitcon-2015-babyfirst/deploy/start.sh -------------------------------------------------------------------------------- /RCE/hitcon-2015-babyfirst/run: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | docker run -d -p 8002:80 ctf/babyfirst -------------------------------------------------------------------------------- /RCE/hitcon-2015-babyfirst/writeup/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/RCE/hitcon-2015-babyfirst/writeup/README.md -------------------------------------------------------------------------------- /RCE/hitcon-2015-babyfirst/writeup/img/php_tar.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/RCE/hitcon-2015-babyfirst/writeup/img/php_tar.png -------------------------------------------------------------------------------- /RCE/hitcon-2017-babyfirst-revenge-v2/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/RCE/hitcon-2017-babyfirst-revenge-v2/README.md -------------------------------------------------------------------------------- /RCE/hitcon-2017-babyfirst-revenge-v2/build: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | docker build -t="ctf/babyfirst_revenge_v2" ./deploy -------------------------------------------------------------------------------- /RCE/hitcon-2017-babyfirst-revenge-v2/deploy/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/RCE/hitcon-2017-babyfirst-revenge-v2/deploy/Dockerfile -------------------------------------------------------------------------------- /RCE/hitcon-2017-babyfirst-revenge-v2/deploy/db.sql: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/RCE/hitcon-2017-babyfirst-revenge-v2/deploy/db.sql -------------------------------------------------------------------------------- /RCE/hitcon-2017-babyfirst-revenge-v2/deploy/default: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/RCE/hitcon-2017-babyfirst-revenge-v2/deploy/default -------------------------------------------------------------------------------- /RCE/hitcon-2017-babyfirst-revenge-v2/deploy/src/index.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/RCE/hitcon-2017-babyfirst-revenge-v2/deploy/src/index.php -------------------------------------------------------------------------------- /RCE/hitcon-2017-babyfirst-revenge-v2/deploy/start.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/RCE/hitcon-2017-babyfirst-revenge-v2/deploy/start.sh -------------------------------------------------------------------------------- /RCE/hitcon-2017-babyfirst-revenge-v2/run: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | docker run -d -p 8009:80 ctf/babyfirst_revenge_v2 -------------------------------------------------------------------------------- /RCE/hitcon-2017-babyfirst-revenge-v2/writeup/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/RCE/hitcon-2017-babyfirst-revenge-v2/writeup/README.md -------------------------------------------------------------------------------- /RCE/hitcon-2017-babyfirst-revenge/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/RCE/hitcon-2017-babyfirst-revenge/README.md -------------------------------------------------------------------------------- /RCE/hitcon-2017-babyfirst-revenge/build: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | docker build -t="ctf/babyfirst_revenge" ./deploy -------------------------------------------------------------------------------- /RCE/hitcon-2017-babyfirst-revenge/deploy/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/RCE/hitcon-2017-babyfirst-revenge/deploy/Dockerfile -------------------------------------------------------------------------------- /RCE/hitcon-2017-babyfirst-revenge/deploy/db.sql: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/RCE/hitcon-2017-babyfirst-revenge/deploy/db.sql -------------------------------------------------------------------------------- /RCE/hitcon-2017-babyfirst-revenge/deploy/default: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/RCE/hitcon-2017-babyfirst-revenge/deploy/default -------------------------------------------------------------------------------- /RCE/hitcon-2017-babyfirst-revenge/deploy/src/index.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/RCE/hitcon-2017-babyfirst-revenge/deploy/src/index.php -------------------------------------------------------------------------------- /RCE/hitcon-2017-babyfirst-revenge/deploy/start.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/RCE/hitcon-2017-babyfirst-revenge/deploy/start.sh -------------------------------------------------------------------------------- /RCE/hitcon-2017-babyfirst-revenge/run: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | docker run -d -p 8008:80 ctf/babyfirst_revenge -------------------------------------------------------------------------------- /RCE/hitcon-2017-babyfirst-revenge/writeup/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/RCE/hitcon-2017-babyfirst-revenge/writeup/README.md -------------------------------------------------------------------------------- /RCE/hitcon-2017-babyfirst-revenge/writeup/img/shell.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/RCE/hitcon-2017-babyfirst-revenge/writeup/img/shell.png -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/README.md -------------------------------------------------------------------------------- /SSRF/34c3-2017-extract0r/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/34c3-2017-extract0r/README.md -------------------------------------------------------------------------------- /SSRF/34c3-2017-extract0r/build: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | docker build -t ctf/extract0r ./deploy 3 | -------------------------------------------------------------------------------- /SSRF/34c3-2017-extract0r/deploy/000-default.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/34c3-2017-extract0r/deploy/000-default.conf -------------------------------------------------------------------------------- /SSRF/34c3-2017-extract0r/deploy/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/34c3-2017-extract0r/deploy/Dockerfile -------------------------------------------------------------------------------- /SSRF/34c3-2017-extract0r/deploy/db.sql: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/34c3-2017-extract0r/deploy/db.sql -------------------------------------------------------------------------------- /SSRF/34c3-2017-extract0r/deploy/files/create_a_backup_of_my_supersecret_flag.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/34c3-2017-extract0r/deploy/files/create_a_backup_of_my_supersecret_flag.sh -------------------------------------------------------------------------------- /SSRF/34c3-2017-extract0r/deploy/mysqld.cnf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/34c3-2017-extract0r/deploy/mysqld.cnf -------------------------------------------------------------------------------- /SSRF/34c3-2017-extract0r/deploy/start.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/34c3-2017-extract0r/deploy/start.sh -------------------------------------------------------------------------------- /SSRF/34c3-2017-extract0r/deploy/webroot/cyber_filter: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/34c3-2017-extract0r/deploy/webroot/cyber_filter -------------------------------------------------------------------------------- /SSRF/34c3-2017-extract0r/deploy/webroot/files/index.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /SSRF/34c3-2017-extract0r/deploy/webroot/index.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/34c3-2017-extract0r/deploy/webroot/index.php -------------------------------------------------------------------------------- /SSRF/34c3-2017-extract0r/deploy/webroot/url.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/34c3-2017-extract0r/deploy/webroot/url.php -------------------------------------------------------------------------------- /SSRF/34c3-2017-extract0r/run: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | docker run -d -p 8013:80 -it ctf/extract0r 3 | -------------------------------------------------------------------------------- /SSRF/34c3-2017-extract0r/writeup/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/34c3-2017-extract0r/writeup/README.md -------------------------------------------------------------------------------- /SSRF/34c3-2017-extract0r/writeup/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /SSRF/34c3-2017-extract0r/writeup/exploit.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/34c3-2017-extract0r/writeup/exploit.py -------------------------------------------------------------------------------- /SSRF/34c3-2017-extract0r/writeup/img/dir.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/34c3-2017-extract0r/writeup/img/dir.png -------------------------------------------------------------------------------- /SSRF/34c3-2017-extract0r/writeup/img/glob.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/34c3-2017-extract0r/writeup/img/glob.png -------------------------------------------------------------------------------- /SSRF/34c3-2017-extract0r/writeup/zip_tools.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/34c3-2017-extract0r/writeup/zip_tools.py -------------------------------------------------------------------------------- /SSRF/n1ctf-2018-easy_harder_php/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/n1ctf-2018-easy_harder_php/README.md -------------------------------------------------------------------------------- /SSRF/n1ctf-2018-easy_harder_php/build: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | docker build -t='ctf/harder-php' ./deploy -------------------------------------------------------------------------------- /SSRF/n1ctf-2018-easy_harder_php/deploy/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/n1ctf-2018-easy_harder_php/deploy/Dockerfile -------------------------------------------------------------------------------- /SSRF/n1ctf-2018-easy_harder_php/deploy/clean_danger.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | cd /app/adminpic/ 3 | rm *.jpg -------------------------------------------------------------------------------- /SSRF/n1ctf-2018-easy_harder_php/deploy/clear_db.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/n1ctf-2018-easy_harder_php/deploy/clear_db.sh -------------------------------------------------------------------------------- /SSRF/n1ctf-2018-easy_harder_php/deploy/nu1lctf.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/n1ctf-2018-easy_harder_php/deploy/nu1lctf.tar.gz -------------------------------------------------------------------------------- /SSRF/n1ctf-2018-easy_harder_php/deploy/run.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/n1ctf-2018-easy_harder_php/deploy/run.sh -------------------------------------------------------------------------------- /SSRF/n1ctf-2018-easy_harder_php/deploy/sql.sql: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/n1ctf-2018-easy_harder_php/deploy/sql.sql -------------------------------------------------------------------------------- /SSRF/n1ctf-2018-easy_harder_php/run: -------------------------------------------------------------------------------- 1 | # /bin/bash 2 | docker run -d -p 8006:80 ctf/harder-php -------------------------------------------------------------------------------- /SSRF/n1ctf-2018-easy_harder_php/writeup/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/n1ctf-2018-easy_harder_php/writeup/README.md -------------------------------------------------------------------------------- /SSRF/n1ctf-2018-easy_harder_php/writeup/img/burp.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/n1ctf-2018-easy_harder_php/writeup/img/burp.png -------------------------------------------------------------------------------- /SSRF/n1ctf-2018-easy_harder_php/writeup/img/payload.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/n1ctf-2018-easy_harder_php/writeup/img/payload.png -------------------------------------------------------------------------------- /SSRF/n1ctf-2018-easy_harder_php/writeup/img/shell.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/SSRF/n1ctf-2018-easy_harder_php/writeup/img/shell.png -------------------------------------------------------------------------------- /Unserialization/hitcon-2016-babytrick/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2016-babytrick/README.md -------------------------------------------------------------------------------- /Unserialization/hitcon-2016-babytrick/build: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | docker build -t="ctf/babytrick" ./deploy -------------------------------------------------------------------------------- /Unserialization/hitcon-2016-babytrick/deploy/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2016-babytrick/deploy/Dockerfile -------------------------------------------------------------------------------- /Unserialization/hitcon-2016-babytrick/deploy/db.sql: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2016-babytrick/deploy/db.sql -------------------------------------------------------------------------------- /Unserialization/hitcon-2016-babytrick/deploy/src/config.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2016-babytrick/deploy/src/config.php -------------------------------------------------------------------------------- /Unserialization/hitcon-2016-babytrick/deploy/src/index.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2016-babytrick/deploy/src/index.php -------------------------------------------------------------------------------- /Unserialization/hitcon-2016-babytrick/deploy/start.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2016-babytrick/deploy/start.sh -------------------------------------------------------------------------------- /Unserialization/hitcon-2016-babytrick/run: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | docker run -d -p 8004:80 ctf/babytrick -------------------------------------------------------------------------------- /Unserialization/hitcon-2016-babytrick/writeup/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2016-babytrick/writeup/README.md -------------------------------------------------------------------------------- /Unserialization/hitcon-2017-baby^h-master-php/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2017-baby^h-master-php/README.md -------------------------------------------------------------------------------- /Unserialization/hitcon-2017-baby^h-master-php/build: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | docker build -t="ctf/baby-master-php" ./deploy -------------------------------------------------------------------------------- /Unserialization/hitcon-2017-baby^h-master-php/deploy/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2017-baby^h-master-php/deploy/Dockerfile -------------------------------------------------------------------------------- /Unserialization/hitcon-2017-baby^h-master-php/deploy/default: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2017-baby^h-master-php/deploy/default -------------------------------------------------------------------------------- /Unserialization/hitcon-2017-baby^h-master-php/deploy/src/index.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2017-baby^h-master-php/deploy/src/index.php -------------------------------------------------------------------------------- /Unserialization/hitcon-2017-baby^h-master-php/deploy/src/read_flag: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2017-baby^h-master-php/deploy/src/read_flag -------------------------------------------------------------------------------- /Unserialization/hitcon-2017-baby^h-master-php/deploy/src/read_secret: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2017-baby^h-master-php/deploy/src/read_secret -------------------------------------------------------------------------------- /Unserialization/hitcon-2017-baby^h-master-php/deploy/start.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2017-baby^h-master-php/deploy/start.sh -------------------------------------------------------------------------------- /Unserialization/hitcon-2017-baby^h-master-php/run: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | docker run -d -p 8007:80 ctf/baby-master-php -------------------------------------------------------------------------------- /Unserialization/hitcon-2017-baby^h-master-php/writeup/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2017-baby^h-master-php/writeup/README.md -------------------------------------------------------------------------------- /Unserialization/hitcon-2018-baby-cake/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2018-baby-cake/README.md -------------------------------------------------------------------------------- /Unserialization/hitcon-2018-baby-cake/build: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | docker build -t='ctf/baby-cake' ./deploy -------------------------------------------------------------------------------- /Unserialization/hitcon-2018-baby-cake/deploy/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2018-baby-cake/deploy/Dockerfile -------------------------------------------------------------------------------- /Unserialization/hitcon-2018-baby-cake/deploy/default: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2018-baby-cake/deploy/default -------------------------------------------------------------------------------- /Unserialization/hitcon-2018-baby-cake/deploy/src/baby_cake.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2018-baby-cake/deploy/src/baby_cake.tgz -------------------------------------------------------------------------------- /Unserialization/hitcon-2018-baby-cake/deploy/src/read_flag: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2018-baby-cake/deploy/src/read_flag -------------------------------------------------------------------------------- /Unserialization/hitcon-2018-baby-cake/deploy/start.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2018-baby-cake/deploy/start.sh -------------------------------------------------------------------------------- /Unserialization/hitcon-2018-baby-cake/run: -------------------------------------------------------------------------------- 1 | # /bin/bash 2 | docker run -d -p 8000:80 ctf/baby-cake -------------------------------------------------------------------------------- /Unserialization/hitcon-2018-baby-cake/writeup/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2018-baby-cake/writeup/README.md -------------------------------------------------------------------------------- /Unserialization/hitcon-2018-baby-cake/writeup/img/passwd.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/hitcon-2018-baby-cake/writeup/img/passwd.png -------------------------------------------------------------------------------- /Unserialization/lctf-2018-babyphp's-revenge/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/lctf-2018-babyphp's-revenge/README.md -------------------------------------------------------------------------------- /Unserialization/lctf-2018-babyphp's-revenge/build: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | docker build -t="ctf/babyphp-revenge" ./deploy -------------------------------------------------------------------------------- /Unserialization/lctf-2018-babyphp's-revenge/deploy/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/lctf-2018-babyphp's-revenge/deploy/Dockerfile -------------------------------------------------------------------------------- /Unserialization/lctf-2018-babyphp's-revenge/deploy/default: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/lctf-2018-babyphp's-revenge/deploy/default -------------------------------------------------------------------------------- /Unserialization/lctf-2018-babyphp's-revenge/deploy/src/flag.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/lctf-2018-babyphp's-revenge/deploy/src/flag.php -------------------------------------------------------------------------------- /Unserialization/lctf-2018-babyphp's-revenge/deploy/src/index.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/lctf-2018-babyphp's-revenge/deploy/src/index.php -------------------------------------------------------------------------------- /Unserialization/lctf-2018-babyphp's-revenge/deploy/start.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/lctf-2018-babyphp's-revenge/deploy/start.sh -------------------------------------------------------------------------------- /Unserialization/lctf-2018-babyphp's-revenge/run: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | docker run -d -p 8005:80 ctf/babyphp-revenge -------------------------------------------------------------------------------- /Unserialization/lctf-2018-babyphp's-revenge/writeup/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/lctf-2018-babyphp's-revenge/writeup/README.md -------------------------------------------------------------------------------- /Unserialization/lctf-2018-babyphp's-revenge/writeup/img/call_user_func.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/Unserialization/lctf-2018-babyphp's-revenge/writeup/img/call_user_func.png -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/README.md -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/build: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | docker build -t ctf/urlstorage ./deploy 3 | -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/Dockerfile -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/app/.gitignore: -------------------------------------------------------------------------------- 1 | *.sqlite3 2 | -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/app/manage.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/app/manage.py -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/app/urlstorage/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/app/urlstorage/fixtures/admin.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/app/urlstorage/fixtures/admin.yaml -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/app/urlstorage/middleware.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/app/urlstorage/middleware.py -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/app/urlstorage/migrations/0001_initial.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/app/urlstorage/migrations/0001_initial.py -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/app/urlstorage/migrations/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/app/urlstorage/models.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/app/urlstorage/models.py -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/app/urlstorage/settings.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/app/urlstorage/settings.py -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/app/urlstorage/static/css/milligram.min.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/app/urlstorage/static/css/milligram.min.css -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/app/urlstorage/static/pow.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/app/urlstorage/static/pow.py -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/app/urlstorage/templates/base.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/app/urlstorage/templates/base.html -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/app/urlstorage/templates/contact.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/app/urlstorage/templates/contact.html -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/app/urlstorage/templates/flag.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/app/urlstorage/templates/flag.html -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/app/urlstorage/templates/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/app/urlstorage/templates/index.html -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/app/urlstorage/templates/login.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/app/urlstorage/templates/login.html -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/app/urlstorage/urls.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/app/urlstorage/urls.py -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/app/urlstorage/views.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/app/urlstorage/views.py -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/app/urlstorage/wsgi.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/app/urlstorage/wsgi.py -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/db.sql: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/db.sql -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/mysqld.cnf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/mysqld.cnf -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/nginx/default: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/nginx/default -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/scripts/run_bot.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/scripts/run_bot.py -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/scripts/run_bot.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/scripts/run_bot.sh -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/scripts/visit.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/scripts/visit.js -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/deploy/start.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/deploy/start.sh -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/run: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | docker run -d -p 8012:80 ctf/urlstorage -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/writeup/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/writeup/README.md -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/writeup/exploit.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/writeup/exploit.php -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/writeup/img/css.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/writeup/img/css.png -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/writeup/img/rpo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/writeup/img/rpo.png -------------------------------------------------------------------------------- /XSS/34c3-2017-urlstorage/writeup/jquery.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/shimmeris/CTF-Web-Challenges/HEAD/XSS/34c3-2017-urlstorage/writeup/jquery.js --------------------------------------------------------------------------------