台語版官方 writeup for HITCON CTF 2025| 劣質文章農場
前幾工我佇 X 咧巡田水時影著有人咧講 WHATWG 有一个 spec 隨欲正式實行矣,講是會當去解決著 mXSS 兮問題,予咱向「the end of mXSS」閣較倚一步。 Escape ”<” and ”>” in attributes when serializing HTML · Issue #6235 · whatwg/htmlI’m submitting this issue after a short discussion on Twitter with @zcorpan today. I think we should change the rules of escaping a| 劣質文章農場
This post, co-authored with Orange, is based on a talk originally presented at Black Hat Europe 2024 and is cross-posted from DEVCORE. The research unveils a new attack surface in Windows by exploiting Best-Fit, an internal charset conversion feature. Through our work, we successfully transformed this feature into several practical| 劣質文章農場
English version: HITCON CTF 2023 Challenges I only made 2 challenges these year, great, it’s much easier for me to write this write-up :P Actually I was planning to release 4 challenges in total: I was initially going to create a reverse challenge, but I got too lazy| 劣質文章農場
I only made 2 challenges these year, great, it's much easier for me to write this write-up :P Actually I was planning to release 4 challenges in total: I was initially going to create a reverse challenge, but I got too lazy to write it. As for the| 劣質文章農場
隨手記錄巴拉圭的一些日常事物 App Bolt = Uber;雖然這邊也是有 Uber,但 Bolt 價格通常遠比 Uber 便宜不少,約為七折上下。 PedidosYa / Monchis| 劣質文章農場
寫完前一篇 HackMD XSS 後,突然想到去年也有發現過一個有點類似的(但是是簡單版的)洞,因此在這邊簡單記錄一下。| 劣質文章農場
在 AIS3 2022 的時候 maple3142 突然就挖到了兩個 XSS,於是就決定跟風來挖一下,結果就順利找到了!值得一提的是這次的 XSS 不同| 劣質文章農場
我有在 SITCON 2021 發表一場以 PHPFuck 為主題的短講,有興趣的可以看看 PHP 是世界上最棒的語言,但我做了一個比它更棒的! | Slide PHPFuck 是我前陣子寫的一個簡易 PHP 混淆器,能將任意的 PHP 原始碼轉換成只運用到 ([+.^]) 七種字元的程式碼,其中大量運用到 PHP 的 weak type 特性,是一個受到 JSFuck 啟發的概念。 這東西意外地成為了我第一個破百星的專案(本來還以為會是其...| 劣質文章農場
Feel free to share your writeup with me, especially those unintended solutions I didn't mentioned here! I'll put the link to your writeup into this blog post. Hi there. My team ⚔️TSJ⚔️ hosted HITCON CTF 2022 with HITCON & 217 this weekend, and I created 6 out of 27 challenges for| 劣質文章農場
