Damned Rooms

游戏名称

密室惊魂Online

项目说明

这个桌游是一个曾经开桌游店的同事送的,觉得这个游戏很有意思,但是一般需要5-8人,线下组局太难了。加入官方QQ群之后发现大家会在QQ群里通过建讨论组的方式来在线组局。此种方式需要一个MC主持游戏,每个人的选择和行动都是私聊给MC,MC通过PS软件绘制游戏地图,并通过各种图层来控制元素的堆放和移动,然后截图发在讨论组里。不禁感慨玩家的智慧是多么的强大。

后来我就在想,何不用程序来代替MC和PS呢?于是这个项目就诞生了。

托管地址https://github.com/xelzmm/danmned

开发语言:nodejs

相关技术:ejs, websocket, css3

游戏截图

教学界面

游戏介绍

密室惊魂是一款运用语言和推理逻辑,结合区域行动策略的版图桌面游戏。 游戏讲述一群中毒的受害者被奸徒困在一个完美密室里,大家需要在有限的时间内互相交流合作,寻找线索破解迷题,最终突破奸徒的阻挠找到出口逃生。该款游戏的特色是将玩家的语言交流和实际行动相结合,是一个考验玩家之间合作和显示玩家智慧的新型语言推理类桌面游戏。

游戏人数: 5到9人,已支持3-4人的mini模式

游戏时长: 约60至90分钟

游戏类型: 语言推理类

Read on →

什么是路由器(译)?

Origin:http://www.inetdaemon.com/tutorials/internet/ip/routing/define_router.shtml

路由器(包括无线路由器),是一种连接两个以上不同的网络、具备网络间数据包转发功能的专用网络设备。它基于IP协议,工作在网络层(OSI七层模型的第3层)。路由器的主要功能是将不同的网络连接起来,让它们相互间能够进行数据交换,并将局域网内不必要的广播流量精确地发送到目标主机。有很多制造路由器的厂商,简单列举一些:Cisco(思科),Linksys,Juniper,Netgear(网件),Nortel (北电),Redback,Lucent(朗讯),3Com,HP(惠普),Dlink,Belkin(贝尔金)等。

有一些网络技能认证考试(如CCNA,CCNP,JNCIA,JNCIE)会考你区分网络设备的能力。这篇关于路由器的文章主要会解释如何辨别路由器,路由器有哪些功能(当然不包含某些厂商特有的技术)。

Read on →

Solution for Google Banning Linodes

Google banned Linodes

I usually use linode to visit Google services via ssh tunnel. but recently I always got captchas even Sorry... page.

Finally I knows that google banned ipv6 traffics from linode which they treated as robots.

Solution

disable ipv6 of linode

for Ubuntu

append lines below to /etc/sysctl.conf

  • net.ipv6.conf.all.disable_ipv6=1

  • net.ipv6.conf.default.disable_ipv6=1

  • net.ipv6.conf.lo.disable_ipv6=1

then restart network /etc/init.d/networking restart or reboot

New to Jekyll!

Hello Jekyll.

Write Up of a Very Interesting Wargame

Recently I’m playing a wargame named [shhhh… edited].

I’ve hidden the game name so that challengers could not find here by some searching work.

If you guys are about to cheat by this, get lost now.

You can find the game at [url]c-a-n-y-o-u-h-a-c-k.i-t(replace the dash with nothing)

Try to figure out by yourself, if you are really really really stucked, have a sight for some hints.

Read on →

For Our One Year Anniversary

I make this page to remember our love.

GitHub: https://github.com/xelzmm/Love

View: http://iloveyamei.aliapp.com | http://love.xelz.info

DefCon CTF Qualifier 2013 3dub 3 Write Up

mirror of http://www.blue-lotus.net/def-con-ctf-qualifier-2013-3dub-3-writeup/

First of all, we got a secrets link and log in or create user form. When we create and login, the website redirect us to the ‘secrets’ page like this

Secrets

name owner actions

key admin show

nothing asdf show

new secret

we’ve got some links to see secrets owned by other users, include the admin, or easily add a new secret ourselves.

Having a try to open the admin’s secret, we got a 500 Error Page with some error stack, which powered by the Ruby framework Sinatra.

From the very first sight of the page, it said unauthorized as the error message and a piece of source code was provided

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
end

redirect '/secrets'
end

get '/secrets/:id' do
s = SECRETS[params[:id].to_i]
raise "unauthorized" if session[:user_name] != s.username

haml :secret, locals: {secret: s}
end

helpers do
def current_user
    return nil unless session[:user_name]
Read on →
ctf, web

BkP-CTF 2013 MITM

前两天BkP的CTF练习赛中的一道题,crypto 200,题目如下

message 1: QUVTLTI1NiBFQ0IgbW9kZSB0d2ljZSwgdHdvIGtleXM=

encrypted: THbpB4bE82Rq35khemTQ10ntxZ8sf7s2WK8ErwcdDEc=

message 2: RWFjaCBrZXkgemVybyB1bnRpbCBsYXN0IDI0IGJpdHM=

encrypted: 01YZbSrta2N+1pOeQppmPETzoT/Yqb816yGlyceuEOE=

ciphertext: s5hd0ThTkv1U44r9aRyUhaX5qJe561MZ16071nlvM9U=

看到最后的等号首先就想到了base64编码,decode之后得到

message1: AES-256 ECB mode twice, two keys

message2: Each key zero until last 24 bits

两轮AES-256加密,padding=ECB,key不一样,但是前面都是0x00,只有最后24位需要破解

密文都是2进制不可读,不贴了

题目提示了是256位(32字节的key),前29个字节都是0,需要破解两个key的后3个字节,纯暴力方式需要尝试224 * 224 = 248 ≈ 2.81e14种可能,这么大的计算量,显然是不现实的。

Read on →