H1ve
H1ve copied to clipboard
An Easy / Quick / Cheap Integrated Platform
Bumps [mistune](https://github.com/lepture/mistune) from 0.8.4 to 2.0.3. Release notes Sourced from mistune's releases. Version 2.0.2 Fix escape_url via lepture/mistune#295 Version 2.0.1 Fix XSS for image link syntax. Version 2.0.0 First release...
### New Issue Checklist (自检清单) - [x] Updated H1ve to the latest version (是否更新到最新版本) - [x] I have read the [README](https://github.com/D0g3-Lab/H1ve/blob/master/README.md) - [x] I searched for [existing GitHub issues](https://github.com/D0g3-Lab/H1ve/issues) ###...
Bumps [terser](https://github.com/terser/terser) from 4.6.4 to 4.8.1. Changelog Sourced from terser's changelog. v4.8.1 (backport) Security fix for RegExps that should not be evaluated (regexp DDOS) v4.8.0 Support for numeric separators (million...
Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.0.7 to 1.1.1. Changelog Sourced from eventsource's changelog. 1.1.1 Do not include authorization and cookie headers on redirect to different origin (#273 Espen Hovlandsdal) 1.1.0 Improve performance...
Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. Changelog Sourced from async's changelog. v2.6.4 Fix potential prototype pollution exploit (#1828) Commits c6bdaca Version 2.6.4 8870da9 Update built files 4df6754 update changelog 8f7f903...
### Issue Description (问题描述) 在打开题目的窗口之后,使用js不断执行 CTFd._internal.challenge.boot() 等待半秒后 CTFd._internal.challenge.destroy() 或者使用cs在webview2中执行 while(true) { Web.CoreWebView2.ExecuteScriptAsync("CTFd._internal.challenge.boot()"); Thread.Sleep(400); Web.CoreWebView2.ExecuteScriptAsync("CTFd._internal.challenge.destroy()"); } 可以在后台无限制开docker,只受操作频率的限制 如果频率限制较低的话,会使运行docker的机器缓存大量docker请求,无法处理正常请求,导致平台和docker无法正常使用 平台表现: ![LRY_ JAVN)${ FE4{~W05F](https://user-images.githubusercontent.com/73374735/164126074-9bd8d4dd-2fbe-485e-a90a-c1a53128c564.png) ![}ZBGD L)SE4) 0Y`IIXBIOM](https://user-images.githubusercontent.com/73374735/164126183-f2056cc0-4f8f-48a7-84b8-5c2ddd3759f9.png) 后台监测: ![image](https://user-images.githubusercontent.com/73374735/164126272-ba54af03-a13c-4a63-834f-5be3231c6a80.png) ![image](https://user-images.githubusercontent.com/73374735/164126222-a50dfffd-7722-4117-be83-be3a91e2bf60.png) 只有手动多次重启平台和机器才能解决问题 ### Version...
### New Issue Checklist (自检清单) - [ ] Updated H1ve to the latest version (是否更新到最新版本) - [ ] I have read the [README](https://github.com/D0g3-Lab/H1ve/blob/master/README.md) - [ ] I searched for [existing...
Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.7 to 1.5.10. Commits 8cd4c6c 1.5.10 ce7a01f [fix] Improve handling of empty port 0071490 [doc] Update JSDoc comment a7044e3 [minor] Use more descriptive variable name d547792 [security]...
Bumps [prismjs](https://github.com/PrismJS/prism) from 1.19.0 to 1.27.0. Release notes Sourced from prismjs's releases. v1.27.0 Release 1.27.0 v1.26.0 Release 1.26.0 v1.25.0 Release 1.25.0 v1.24.1 Release 1.24.1 v1.24.0 Release 1.24.0 v1.23.0 Release 1.23.0...