목록전체 글 (7)
ash3r & dmawhwhd
Codeagate 2022 Final writeup
Web 1. Calc. from flask import Flask, render_template, render_template_string, request import re app = Flask (__name__) @app.route('/') def calc(): expression = request.args.get('expression') filters = ["'","\"","_","[","]",",","`","sys","os","flag","%","class","config","self","\\"] request.args = None try: for filter in filters: if filter in expression: raise Exception("filterd") result = rende..
Wacon 2022 Final
Misc - query-master #!/usr/bin/python3 import random import string import subprocess def randName(): return ''.join([random.choice(string.hexdigits) for i in range(16)]) dbpath = f'/tmp/{randName()}.db' query = input("Query >> ") ban = ['.', 'lo', ';'] for x in ban: if x in query: print("Filtered..") exit() proc = subprocess.Popen(["sqlite3", dbpath, query], stdout=subprocess.PIPE) (out, err) = ..
Profile 🔎Seungjun Kim (ash3r & dmawhwhd)Nationality : South KoreaBirth : 2004Work 👨💻Enki (2022.12.5 ~ 2023.12.18)Zellic (2024.1.3 ~ 2025.9)Hexalabs (2025.8 ~ 2026.2)Hexalabs by Crocus (2026.2 ~ now)Affiliation 🎓EducationKaist 한국과학기술원sunrin internet high school 선린인터넷고등학교서울여자대학교 정보보호영재교육원CTF TeamSuper GuesserAwards 🏆2025 DEFCON CTF 33 3위2025 HACKTHEON SEJONG 전국대학생사이버보안경진대회 4위2024 DEFCON CTF ..