Language : English | 简中

0x00 Sources

chall_4: CTF-Challenge/nodejs/chall_4 at master · meizjm3i/CTF-Challenge (github.com)

8-bit pub: AntCTF-x-D-3CTF/8-bit pub.zip at master · fghcvjk/AntCTF-x-D-3CTF (github.com)

hardjs: OurChallenges/XNUCA2019Qualifier/Web/hardjs at master · NeSE-Team/OurChallenges (github.com)

blueprint: redpwnctf-2019-challenges/web/blueprint at master · redpwn/redpwnctf-2019-challenges (github.com)

thejs: code-breaking/2018/thejs at master · phith0n/code-breaking (github.com)

0x01 EXP

The dictionary which named "exp" saves the solutions(Python Scripts --3.8.2 32bit) to the challenges.

Have fun!

: )

​ -- chenlvtang 2021/08/16

0x02 Difficulty

⭐⭐⭐⭐⭐ IS THE HARDEST

chall_4: ⭐⭐ （easy. U don't have to care about the error when u view the index , just try to hack.）

8-bit pub: ⭐⭐⭐⭐⭐ (I didn't do it. Because it needs Mysql && SMTP && Linux, why don't there are a Dockerfile. SAD....)

hardjs: ⭐⭐⭐⭐ (The origin Dockerfile had some problems, which wasted me a lot of time. I deleted the aliyun mirrors, and changed the mysql to mariadb, and it finally work. But it still failed in the Ubuntu, when i ran it in Kali, ohhhhh, Success. The EXP failed with unknow reason....but I think the exp's logic is right. )

thejs: ⭐⭐⭐⭐ (if u had finished hardjs, this challenge will be very easy)

blueprint: ⭐⭐⭐(Medium, but fun)