diff --git a/CTF/RedRockCTF/Img/5525.png b/CTF/RedRockCTF/Img/5525.png
new file mode 100644
index 0000000..c0c42ce
Binary files /dev/null and b/CTF/RedRockCTF/Img/5525.png differ
diff --git a/CTF/RedRockCTF/Img/JPG.png b/CTF/RedRockCTF/Img/JPG.png
new file mode 100644
index 0000000..dcaad28
Binary files /dev/null and b/CTF/RedRockCTF/Img/JPG.png differ
diff --git a/CTF/RedRockCTF/Img/JPG2.png b/CTF/RedRockCTF/Img/JPG2.png
new file mode 100644
index 0000000..5712f95
Binary files /dev/null and b/CTF/RedRockCTF/Img/JPG2.png differ
diff --git a/CTF/RedRockCTF/Img/JPG3.png b/CTF/RedRockCTF/Img/JPG3.png
new file mode 100644
index 0000000..d9932de
Binary files /dev/null and b/CTF/RedRockCTF/Img/JPG3.png differ
diff --git a/CTF/RedRockCTF/Img/JPG4.png b/CTF/RedRockCTF/Img/JPG4.png
new file mode 100644
index 0000000..9fb26d7
Binary files /dev/null and b/CTF/RedRockCTF/Img/JPG4.png differ
diff --git a/CTF/RedRockCTF/Img/Morse_Code.png b/CTF/RedRockCTF/Img/Morse_Code.png
new file mode 100644
index 0000000..faf167b
Binary files /dev/null and b/CTF/RedRockCTF/Img/Morse_Code.png differ
diff --git a/CTF/RedRockCTF/Img/What is RSA.png b/CTF/RedRockCTF/Img/What is RSA.png
new file mode 100644
index 0000000..2339fc6
Binary files /dev/null and b/CTF/RedRockCTF/Img/What is RSA.png differ
diff --git a/CTF/RedRockCTF/Img/baby_Reverse.png b/CTF/RedRockCTF/Img/baby_Reverse.png
new file mode 100644
index 0000000..80976ea
Binary files /dev/null and b/CTF/RedRockCTF/Img/baby_Reverse.png differ
diff --git a/CTF/RedRockCTF/Img/baby_Reverse2.png b/CTF/RedRockCTF/Img/baby_Reverse2.png
new file mode 100644
index 0000000..1b69899
Binary files /dev/null and b/CTF/RedRockCTF/Img/baby_Reverse2.png differ
diff --git a/CTF/RedRockCTF/Img/baby_Reverse3.png b/CTF/RedRockCTF/Img/baby_Reverse3.png
new file mode 100644
index 0000000..c4e10d1
Binary files /dev/null and b/CTF/RedRockCTF/Img/baby_Reverse3.png differ
diff --git a/CTF/RedRockCTF/Img/baby_Reverse4.png b/CTF/RedRockCTF/Img/baby_Reverse4.png
new file mode 100644
index 0000000..719f094
Binary files /dev/null and b/CTF/RedRockCTF/Img/baby_Reverse4.png differ
diff --git a/CTF/RedRockCTF/Img/baby_Reverse5.png b/CTF/RedRockCTF/Img/baby_Reverse5.png
new file mode 100644
index 0000000..167ab8b
Binary files /dev/null and b/CTF/RedRockCTF/Img/baby_Reverse5.png differ
diff --git a/CTF/RedRockCTF/Img/baby_Reverse6.png b/CTF/RedRockCTF/Img/baby_Reverse6.png
new file mode 100644
index 0000000..762abf8
Binary files /dev/null and b/CTF/RedRockCTF/Img/baby_Reverse6.png differ
diff --git a/CTF/RedRockCTF/Img/backdoorbetacat.png b/CTF/RedRockCTF/Img/backdoorbetacat.png
new file mode 100644
index 0000000..8eb00e1
Binary files /dev/null and b/CTF/RedRockCTF/Img/backdoorbetacat.png differ
diff --git a/CTF/RedRockCTF/Img/backdoorbetacat2.png b/CTF/RedRockCTF/Img/backdoorbetacat2.png
new file mode 100644
index 0000000..4923368
Binary files /dev/null and b/CTF/RedRockCTF/Img/backdoorbetacat2.png differ
diff --git a/CTF/RedRockCTF/Img/backdoorbetacat3.png b/CTF/RedRockCTF/Img/backdoorbetacat3.png
new file mode 100644
index 0000000..521de23
Binary files /dev/null and b/CTF/RedRockCTF/Img/backdoorbetacat3.png differ
diff --git a/CTF/RedRockCTF/Img/backdoorbetacat4.png b/CTF/RedRockCTF/Img/backdoorbetacat4.png
new file mode 100644
index 0000000..912c703
Binary files /dev/null and b/CTF/RedRockCTF/Img/backdoorbetacat4.png differ
diff --git a/CTF/RedRockCTF/Img/betacatyuma.png b/CTF/RedRockCTF/Img/betacatyuma.png
new file mode 100644
index 0000000..04b3d6c
Binary files /dev/null and b/CTF/RedRockCTF/Img/betacatyuma.png differ
diff --git a/CTF/RedRockCTF/Img/betacatyuma2.png b/CTF/RedRockCTF/Img/betacatyuma2.png
new file mode 100644
index 0000000..86f4b3c
Binary files /dev/null and b/CTF/RedRockCTF/Img/betacatyuma2.png differ
diff --git a/CTF/RedRockCTF/Img/ccat.png b/CTF/RedRockCTF/Img/ccat.png
new file mode 100644
index 0000000..166f4a9
Binary files /dev/null and b/CTF/RedRockCTF/Img/ccat.png differ
diff --git a/CTF/RedRockCTF/Img/e-small.png b/CTF/RedRockCTF/Img/e-small.png
new file mode 100644
index 0000000..fe9ee2d
Binary files /dev/null and b/CTF/RedRockCTF/Img/e-small.png differ
diff --git a/CTF/RedRockCTF/Img/e-small2.png b/CTF/RedRockCTF/Img/e-small2.png
new file mode 100644
index 0000000..75c84d4
Binary files /dev/null and b/CTF/RedRockCTF/Img/e-small2.png differ
diff --git a/CTF/RedRockCTF/Img/e-small3.png b/CTF/RedRockCTF/Img/e-small3.png
new file mode 100644
index 0000000..a0fe11b
Binary files /dev/null and b/CTF/RedRockCTF/Img/e-small3.png differ
diff --git a/CTF/RedRockCTF/Img/easy crypto.png b/CTF/RedRockCTF/Img/easy crypto.png
new file mode 100644
index 0000000..048ae57
Binary files /dev/null and b/CTF/RedRockCTF/Img/easy crypto.png differ
diff --git a/CTF/RedRockCTF/Img/easy.png b/CTF/RedRockCTF/Img/easy.png
new file mode 100644
index 0000000..376c1ff
Binary files /dev/null and b/CTF/RedRockCTF/Img/easy.png differ
diff --git a/CTF/RedRockCTF/Img/ele.png b/CTF/RedRockCTF/Img/ele.png
new file mode 100644
index 0000000..c03bc3a
Binary files /dev/null and b/CTF/RedRockCTF/Img/ele.png differ
diff --git a/CTF/RedRockCTF/Img/ele2.png b/CTF/RedRockCTF/Img/ele2.png
new file mode 100644
index 0000000..65af824
Binary files /dev/null and b/CTF/RedRockCTF/Img/ele2.png differ
diff --git a/CTF/RedRockCTF/Img/ele4.png b/CTF/RedRockCTF/Img/ele4.png
new file mode 100644
index 0000000..556cdc9
Binary files /dev/null and b/CTF/RedRockCTF/Img/ele4.png differ
diff --git a/CTF/RedRockCTF/Img/ele5.png b/CTF/RedRockCTF/Img/ele5.png
new file mode 100644
index 0000000..04de177
Binary files /dev/null and b/CTF/RedRockCTF/Img/ele5.png differ
diff --git a/CTF/RedRockCTF/Img/ele6.png b/CTF/RedRockCTF/Img/ele6.png
new file mode 100644
index 0000000..fcb26e6
Binary files /dev/null and b/CTF/RedRockCTF/Img/ele6.png differ
diff --git a/CTF/RedRockCTF/Img/liuyan.png b/CTF/RedRockCTF/Img/liuyan.png
new file mode 100644
index 0000000..70a3031
Binary files /dev/null and b/CTF/RedRockCTF/Img/liuyan.png differ
diff --git a/CTF/RedRockCTF/Img/liuyan2.png b/CTF/RedRockCTF/Img/liuyan2.png
new file mode 100644
index 0000000..ac4d2ea
Binary files /dev/null and b/CTF/RedRockCTF/Img/liuyan2.png differ
diff --git a/CTF/RedRockCTF/Img/login.png b/CTF/RedRockCTF/Img/login.png
new file mode 100644
index 0000000..70b7c59
Binary files /dev/null and b/CTF/RedRockCTF/Img/login.png differ
diff --git a/CTF/RedRockCTF/Img/lsb.png b/CTF/RedRockCTF/Img/lsb.png
new file mode 100644
index 0000000..f7acbdd
Binary files /dev/null and b/CTF/RedRockCTF/Img/lsb.png differ
diff --git a/CTF/RedRockCTF/Img/md5.png b/CTF/RedRockCTF/Img/md5.png
new file mode 100644
index 0000000..ff3a086
Binary files /dev/null and b/CTF/RedRockCTF/Img/md5.png differ
diff --git a/CTF/RedRockCTF/Img/md52.png b/CTF/RedRockCTF/Img/md52.png
new file mode 100644
index 0000000..f68ca04
Binary files /dev/null and b/CTF/RedRockCTF/Img/md52.png differ
diff --git a/CTF/RedRockCTF/Img/mermory.png b/CTF/RedRockCTF/Img/mermory.png
new file mode 100644
index 0000000..f5a4443
Binary files /dev/null and b/CTF/RedRockCTF/Img/mermory.png differ
diff --git a/CTF/RedRockCTF/Img/mermory2.png b/CTF/RedRockCTF/Img/mermory2.png
new file mode 100644
index 0000000..b4142a4
Binary files /dev/null and b/CTF/RedRockCTF/Img/mermory2.png differ
diff --git a/CTF/RedRockCTF/Img/mini_game.png b/CTF/RedRockCTF/Img/mini_game.png
new file mode 100644
index 0000000..52a44bf
Binary files /dev/null and b/CTF/RedRockCTF/Img/mini_game.png differ
diff --git a/CTF/RedRockCTF/Img/mini_game2.png b/CTF/RedRockCTF/Img/mini_game2.png
new file mode 100644
index 0000000..e593b69
Binary files /dev/null and b/CTF/RedRockCTF/Img/mini_game2.png differ
diff --git a/CTF/RedRockCTF/Img/playwithbetacat.png b/CTF/RedRockCTF/Img/playwithbetacat.png
new file mode 100644
index 0000000..c286bee
Binary files /dev/null and b/CTF/RedRockCTF/Img/playwithbetacat.png differ
diff --git a/CTF/RedRockCTF/Img/playwithbetacat2.png b/CTF/RedRockCTF/Img/playwithbetacat2.png
new file mode 100644
index 0000000..fd1b4ca
Binary files /dev/null and b/CTF/RedRockCTF/Img/playwithbetacat2.png differ
diff --git a/CTF/RedRockCTF/Img/qd.png b/CTF/RedRockCTF/Img/qd.png
new file mode 100644
index 0000000..d0e26da
Binary files /dev/null and b/CTF/RedRockCTF/Img/qd.png differ
diff --git a/CTF/RedRockCTF/Img/real login.png b/CTF/RedRockCTF/Img/real login.png
new file mode 100644
index 0000000..884a490
Binary files /dev/null and b/CTF/RedRockCTF/Img/real login.png differ
diff --git a/CTF/RedRockCTF/Img/real1ty-small.png b/CTF/RedRockCTF/Img/real1ty-small.png
new file mode 100644
index 0000000..c7e8a80
Binary files /dev/null and b/CTF/RedRockCTF/Img/real1ty-small.png differ
diff --git a/CTF/RedRockCTF/Img/real1ty-small2.png b/CTF/RedRockCTF/Img/real1ty-small2.png
new file mode 100644
index 0000000..a884c36
Binary files /dev/null and b/CTF/RedRockCTF/Img/real1ty-small2.png differ
diff --git a/CTF/RedRockCTF/Img/realqd.png b/CTF/RedRockCTF/Img/realqd.png
new file mode 100644
index 0000000..580fbed
Binary files /dev/null and b/CTF/RedRockCTF/Img/realqd.png differ
diff --git a/CTF/RedRockCTF/Img/rel1ty-big.png b/CTF/RedRockCTF/Img/rel1ty-big.png
new file mode 100644
index 0000000..cf384c5
Binary files /dev/null and b/CTF/RedRockCTF/Img/rel1ty-big.png differ
diff --git a/CTF/RedRockCTF/Img/rel1ty-big2.png b/CTF/RedRockCTF/Img/rel1ty-big2.png
new file mode 100644
index 0000000..97b35e5
Binary files /dev/null and b/CTF/RedRockCTF/Img/rel1ty-big2.png differ
diff --git a/CTF/RedRockCTF/Img/rel1ty-big3.png b/CTF/RedRockCTF/Img/rel1ty-big3.png
new file mode 100644
index 0000000..939f647
Binary files /dev/null and b/CTF/RedRockCTF/Img/rel1ty-big3.png differ
diff --git a/CTF/RedRockCTF/Img/robot.png b/CTF/RedRockCTF/Img/robot.png
new file mode 100644
index 0000000..766b5e1
Binary files /dev/null and b/CTF/RedRockCTF/Img/robot.png differ
diff --git a/CTF/RedRockCTF/Img/robot2.png b/CTF/RedRockCTF/Img/robot2.png
new file mode 100644
index 0000000..e7a7758
Binary files /dev/null and b/CTF/RedRockCTF/Img/robot2.png differ
diff --git a/CTF/RedRockCTF/Img/slowjson.png b/CTF/RedRockCTF/Img/slowjson.png
new file mode 100644
index 0000000..bcd491b
Binary files /dev/null and b/CTF/RedRockCTF/Img/slowjson.png differ
diff --git a/CTF/RedRockCTF/Img/snake.png b/CTF/RedRockCTF/Img/snake.png
new file mode 100644
index 0000000..8004161
Binary files /dev/null and b/CTF/RedRockCTF/Img/snake.png differ
diff --git a/CTF/RedRockCTF/Img/tutu.png b/CTF/RedRockCTF/Img/tutu.png
new file mode 100644
index 0000000..5007963
Binary files /dev/null and b/CTF/RedRockCTF/Img/tutu.png differ
diff --git a/CTF/RedRockCTF/Img/tutu2.png b/CTF/RedRockCTF/Img/tutu2.png
new file mode 100644
index 0000000..931b73d
Binary files /dev/null and b/CTF/RedRockCTF/Img/tutu2.png differ
diff --git a/CTF/RedRockCTF/Img/tutu3.png b/CTF/RedRockCTF/Img/tutu3.png
new file mode 100644
index 0000000..05eb453
Binary files /dev/null and b/CTF/RedRockCTF/Img/tutu3.png differ
diff --git a/CTF/RedRockCTF/Img/upload.png b/CTF/RedRockCTF/Img/upload.png
new file mode 100644
index 0000000..d051160
Binary files /dev/null and b/CTF/RedRockCTF/Img/upload.png differ
diff --git a/CTF/RedRockCTF/Img/upload2.png b/CTF/RedRockCTF/Img/upload2.png
new file mode 100644
index 0000000..29d4207
Binary files /dev/null and b/CTF/RedRockCTF/Img/upload2.png differ
diff --git a/CTF/RedRockCTF/Img/upload3.png b/CTF/RedRockCTF/Img/upload3.png
new file mode 100644
index 0000000..48fd1d5
Binary files /dev/null and b/CTF/RedRockCTF/Img/upload3.png differ
diff --git a/CTF/RedRockCTF/Img/upload4.png b/CTF/RedRockCTF/Img/upload4.png
new file mode 100644
index 0000000..8445121
Binary files /dev/null and b/CTF/RedRockCTF/Img/upload4.png differ
diff --git a/CTF/RedRockCTF/Img/upload5.png b/CTF/RedRockCTF/Img/upload5.png
new file mode 100644
index 0000000..a998f69
Binary files /dev/null and b/CTF/RedRockCTF/Img/upload5.png differ
diff --git a/CTF/RedRockCTF/Img/upload6.png b/CTF/RedRockCTF/Img/upload6.png
new file mode 100644
index 0000000..aa7f2f0
Binary files /dev/null and b/CTF/RedRockCTF/Img/upload6.png differ
diff --git a/CTF/RedRockCTF/Img/upload7.png b/CTF/RedRockCTF/Img/upload7.png
new file mode 100644
index 0000000..162c545
Binary files /dev/null and b/CTF/RedRockCTF/Img/upload7.png differ
diff --git a/CTF/RedRockCTF/Img/upload8.png b/CTF/RedRockCTF/Img/upload8.png
new file mode 100644
index 0000000..15c695a
Binary files /dev/null and b/CTF/RedRockCTF/Img/upload8.png differ
diff --git a/CTF/RedRockCTF/Img/wireshark.png b/CTF/RedRockCTF/Img/wireshark.png
new file mode 100644
index 0000000..0375848
Binary files /dev/null and b/CTF/RedRockCTF/Img/wireshark.png differ
diff --git a/CTF/RedRockCTF/Img/ymc.png b/CTF/RedRockCTF/Img/ymc.png
new file mode 100644
index 0000000..dc5e33e
Binary files /dev/null and b/CTF/RedRockCTF/Img/ymc.png differ
diff --git a/CTF/RedRockCTF/Img/zip.png b/CTF/RedRockCTF/Img/zip.png
new file mode 100644
index 0000000..5516b42
Binary files /dev/null and b/CTF/RedRockCTF/Img/zip.png differ
diff --git a/CTF/RedRockCTF/Img/zip2.png b/CTF/RedRockCTF/Img/zip2.png
new file mode 100644
index 0000000..2c0d42b
Binary files /dev/null and b/CTF/RedRockCTF/Img/zip2.png differ
diff --git a/CTF/RedRockCTF/RedRockCTF.md b/CTF/RedRockCTF/RedRockCTF.md
index 12d9c54..f31a6bb 100644
--- a/CTF/RedRockCTF/RedRockCTF.md
+++ b/CTF/RedRockCTF/RedRockCTF.md
@@ -1,6 +1,6 @@
 REDROCK CTF  WP
 
-参赛人：吴文俊
+参赛人：yingwenzha
 
 
 
@@ -16,15 +16,15 @@ MISC
 
 没啥好说的跑酷就完了(绿宝石那关后面有捷径)
 
-![ymc](C:\Users\xiaobai\Desktop\CTFWP\ymc.png)
+![ymc](./Img/ymc.png)
 
 2.签到
 
-![image-20241117155243713](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117155243713.png)
+![image-20241117155243713](./Img/qd.png)
 
 cv
 
-3.290的小秘密 lsb加密用stegsolve![image-20241117155359050](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117155359050.png)
+3.290的小秘密 lsb加密用stegsolve![lsb](./Img/lsb.png)
 
 就出来了
 
@@ -34,7 +34,7 @@ cv
 
 最后一个的hex就直接是了
 
-![image-20241117155513044](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117155513044.png)
+![wireshark](.\Img\wireshark.png)
 
 5.我图图呢
 
@@ -42,17 +42,17 @@ cv
 
 另一端是编码最后地方
 
-![image-20241117155707412](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117155707412.png)
+![tutu](.\Img\tutu.png)
 
-![image-20241117155726081](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117155726081.png)
+![tutu2](.\Img\tutu2.png)
 
-![image-20241117155745902](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117155745902.png)
+![tutu3](.\Img\tutu3.png)
 
 6.easyzip
 
-![QQ20241117-193457](C:\Users\xiaobai\Desktop\CTFWP\QQ20241117-193457.png)
+![zip](.\Img\zip.png)
 
-![QQ20241117-193441](C:\Users\xiaobai\Desktop\CTFWP\QQ20241117-193441.png)
+![zip2](.\Img\zip2.png)
 
 6.Are you a JPG master?
 
@@ -64,13 +64,13 @@ cv
 
 然后寻找工具
 
-![image-20241120181653899](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241120181653899.png)
+<img src=".\Img\JPG.png" alt="JPG" style="zoom:50%;" />
 
 找到了
 
 剥离水印。获得第一次zip密码
 
-![image-20241120181755959](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241120181755959.png)
+![JPG2](.\Img\JPG2.png)
 
 然后level2
 
@@ -100,7 +100,7 @@ binwalk -e。。。。。。。。。。
 
 于是使用Stegsolve查看图片细节
 
-发现大量奇怪色块![image-20241120182224866](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241120182224866.png)判断是`steghide`
+发现大量奇怪色块![JPG3](.\Img\JPG3.png)判断是`steghide`
 
 着手编写脚本
 
@@ -141,15 +141,15 @@ if __name__ == '__main__':
 
 成功获得flag
 
-![QQ20241119-224006](C:\Users\xiaobai\Desktop\CTFWP\QQ20241119-224006.png)
+![JPG4](.\Img\JPG4.png)
 
 7.mermory
 
-kali里下好vol然后内存分析，在浏览器记录里发现了secret.png![1](C:\Users\xiaobai\Desktop\CTFWP\1.png![QQ20241117-012405](C:\Users\xiaobai\Desktop\CTFWP\QQ20241117-012405.png)和part3
+kali里下好vol然后内存分析，在浏览器记录里发现了secret.png![1](C:\Users\xiaobai\Desktop\CTFWP\1.png![mermory](.\Img\mermory.png)和part3
 
 然后把secret.png导出获得头
 
-在剪切板记录里获得part2![QQ20241123-014544](C:\Users\xiaobai\Desktop\CTFWP\QQ20241123-014544.png)
+在剪切板记录里获得part2![mermory2](.\Img\mermory2.png)
 
 最后结合头部中部尾部得到flag
 
@@ -159,7 +159,7 @@ SilentEye隐写，把音频导入然后解密就行
 
 根据hint提示这个密码和五月天有关（u1s1它这个误导非常大，因为hint说key是歌手名首字母大写可问题是解出来的key是Mayday二Mayday是五月天这个乐队的名字，五月天是乐队而不是歌手，真的奇了怪了
 
-![image-20241123194103773](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241123194103773.png)
+![5525](.\Img\5525.png)
 
 
 
@@ -167,17 +167,17 @@ SilentEye隐写，把音频导入然后解密就行
 
 1.real1ty的小秘密
 
-![image-20241117155855008](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117155855008.png)
+![real1ty-small](.\Img\real1ty-small.png)
 
 凯撒密码，试几下就出了
 
-![image-20241117155953587](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117155953587.png)
+![real1ty-small2](Img\real1ty-small2.png)
 
 2.我解md5真的假的
 
 一个一个解就行直接用给的那个网站就行
 
-![image-20241117160809483](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117160809483.png)
+![md5](Img\md5.png)
 
 注意第4个，给的那个网站我没查到，所有只能硬算
 
@@ -187,7 +187,7 @@ SilentEye隐写，把音频导入然后解密就行
 
 
 
-![image-20241117160632803](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117160632803.png)
+![md52](Img\md52.png)
 
 
 
@@ -199,7 +199,7 @@ SilentEye隐写，把音频导入然后解密就行
 
 
 
-![image-20241117160925241](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117160925241.png)
+![Morse_Code](Img\Morse_Code.png)
 
 
 
@@ -213,7 +213,7 @@ SilentEye隐写，把音频导入然后解密就行
 
 那我多跑几遍直到redrock出现就行了
 
-![image-20241117162352269](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117162352269.png)
+![easy crypto]( Img\easy crypto.png)
 
 5.What is RSA
 
@@ -221,7 +221,7 @@ SilentEye隐写，把音频导入然后解密就行
 
 把参数填了就出了
 
-![image-20241117162920889](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117162920889.png)
+![What is RSA]( Img\What is RSA.png)
 
 6.e这么小吗
 
@@ -237,9 +237,9 @@ SilentEye隐写，把音频导入然后解密就行
 
 根据这个思路
 
-（因为这道题给我发的数字都是10进制所有我需要先改一下代码再获得10进制解密数字后转16进制然后转字符串）![image-20241117164036810](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117164036810.png)
+（因为这道题给我发的数字都是10进制所有我需要先改一下代码再获得10进制解密数字后转16进制然后转字符串）![e-small]( Img\e-small.png)
 
-结果图：![image-20241117164248812](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117164248812.png)![image-20241117164230008](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117164230008.png)
+结果图：![e-small2](Img\e-small2.png)![e-small3](Img\e-small3.png)
 
 7.rel1ty的大秘密
 
@@ -247,13 +247,13 @@ SilentEye隐写，把音频导入然后解密就行
 
 但是总的来说还是很简单
 
-写3个程序分别用于解base16 32 64编码![QQ20241120-172408](C:\Users\xiaobai\Desktop\CTFWP\QQ20241120-172408.png)
+写3个程序分别用于解base16 32 64编码![rel1ty-big]( Img\rel1ty-big.png)
 
 然后来回套，看那个可以继续套下去
 
 直到出现一个很像flag的东西
 
-![QQ20241120-171836](C:\Users\xiaobai\Desktop\CTFWP\QQ20241120-171836.png)
+![rel1ty-big]( Img\rel1ty-big2.png)
 
 然后猜测royk与rock处是交换点
 
@@ -271,7 +271,7 @@ SilentEye隐写，把音频导入然后解密就行
 
 然后提交
 
-![QQ20241120-171818](C:\Users\xiaobai\Desktop\CTFWP\QQ20241120-171818.png)
+![rel1ty-big3]( Img\rel1ty-big3.png)
 
 8.real1ty的中秘密
 
@@ -297,18 +297,12 @@ print(vigenere_decrypt(ciphertext, key, shift))
 
 ```
 
-然后获得了如图所示的效果
-
-![cccc](C:\Users\xiaobai\Desktop\新建文件夹\cccc.png)
-
 不难发现j是{
 
 同时呢调整大小写
 
 使大小写与密文一致
 
-![bbbb](C:\Users\xiaobai\Desktop\新建文件夹\bbbb.png)
-
 最后发现提交后还是不对
 
 然后抖了一激灵
@@ -329,7 +323,7 @@ pwn
 
 ida打开 输入-1 开启后门
 
-![image-20241117164659508](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117164659508.png)
+![login]( Img\login.png)
 
 故 -1
 
@@ -337,7 +331,7 @@ flag get
 
 2. real login
 3. 依旧签到
-4. ![image-20241117164923717](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117164923717.png)
+4. ![real login]( Img\real login.png)
 
 nc 连上
 
@@ -351,9 +345,9 @@ nc 连上
 
 这道题应该是个内存泄漏题
 
-![playwithbetacat](C:\Users\xiaobai\Desktop\CTFWP\playwithbetacat.png)
+![爱捉弄人的beatcat]( Img\playwithbetacat.png)
 
-![image-20241117165607281](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117165607281.png)
+![爱捉弄人的beatcat2]( Img\playwithbetacat2.png)
 
 要buf=v2那就看怎么填充得到v2了呗，然后就看buf到r的空间大小0x191个，然后就这么填充A占位
 
@@ -367,7 +361,7 @@ nc 连上
 
 这个就是做脚本自动计算
 
-![image-20241117170116383](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117170116383.png)
+![ccat]( Img\ccat.png)
 
 然后就行了
 
@@ -375,13 +369,13 @@ nc 连上
 
 newstarctf 第一周的一个pwn题一样的过程
 
-![image-20241117170417461](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117170417461.png)
+![betacatyuma]( Img\betacatyuma.png)
 
 使nbytes_4的数据溢出到nbytes
 
 
 
-![image-20241117170332899](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117170332899.png)
+![betacatyuma]( Img\betacatyuma2.png)
 
 把得到的payload输进窗口就完成了
 
@@ -397,19 +391,19 @@ newstarctf 第一周的一个pwn题一样的过程
 
 最后知道了方法
 
-先是填充![image-20241117171046383](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117171046383.png)
+先是填充![backdoorbetacat]( Img\backdoorbetacat.png)
 
 使buf刚刚溢出
 
-![image-20241117171108847](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117171108847.png)
+![backdoorbetacat]( Img\backdoorbetacat2.png)
 
 0x50+0x08生成个A
 
-然后是加上backdoor的地址![image-20241117171206937](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117171206937.png)
+然后是加上backdoor的地址![backdoorbetacat]( Img\backdoorbetacat3.png)
 
 启动脚本
 
-![QQ20241117-105938](C:\Users\xiaobai\Desktop\CTFWP\QQ20241117-105938.png)
+![backdoorbetacat4]( Img\backdoorbetacat4.png)
 
 成功获得flag
 
@@ -419,11 +413,11 @@ web
 
 score控制台改10000就行
 
-![image-20241117171428070](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117171428070.png)
+![snake]( Img\snake.png)
 
 2.这是真签到
 
-进去翻翻源码![image-20241117171551207](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117171551207.png)
+进去翻翻源码![realqd]( Img\realqd.png)
 
 得到flag
 
@@ -433,13 +427,13 @@ newstarctf中的智械危机类似
 
 看robots.txt这是一个协议关于爬虫相关的
 
-![image-20241117171743276](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117171743276.png)
+![robot]( Img\robot.png)
 
 然后先看hint知道/flag下的字符串是flag的每个字符填充7个随机字符得到
 
 所以写个脚本就得到flag了
 
-![image-20241117172138871](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241117172138871.png)
+![robot2]( Img\robot2.png)
 
 4.留言板
 
@@ -455,9 +449,9 @@ python版sql注入
 
 所以写的时候现在前面加一个‘+f’就可在{}里执行任意命令，注意到它有限长，而且和‘’的数量.的数量有关，所以废了下功夫构造出一个函数得到flag
 
-![QQ20241117-153101](C:\Users\xiaobai\Desktop\CTFWP\QQ20241117-153101.png)
+![liuyan]( Img\liuyan.png)
 
-![QQ20241117-153055](C:\Users\xiaobai\Desktop\CTFWP\QQ20241117-153055.png)
+![liuyan2]( Img\liuyan2.png)
 
 5.肚子饿了
 
@@ -475,7 +469,7 @@ python版sql注入
 
 但是问题最大的是如何找到这个判断通过长时间的分析发现and和union不能用，位置还是在尴尬的order by 后面 并且order by 后面已经有了一个值（在这里命名为x）。所以唯一的出路是想办法让那个by后面的值入手，发现if(e1,e2,e3)这个sql语句中e1是判别式如果正确那么就会返回e2如果错误那么就会返回e3。这就是一个很好的触发点。此时如果找到一个运算符让x与这个if出来的值进行计算可以改变表的顺序就大功告成。
 
-经过尝试![QQ20241118-232641](C:\Users\xiaobai\Desktop\CTFWP\QQ20241118-232641.png)。![QQ20241118-232629](C:\Users\xiaobai\Desktop\CTFWP\QQ20241118-232629.png)最后发现如果在?type=处填写>>IF((判别式),2,1)就可以做到上条件。然后就开始着手写脚本
+经过尝试![ele]( Img\ele.png)。![ele2]( Img\ele2.png)最后发现如果在?type=处填写>>IF((判别式),2,1)就可以做到上条件。然后就开始着手写脚本
 
 ```
 import requests
@@ -519,21 +513,21 @@ print("Result:", result)
 
 然后就是用二分法查值最后得出flag
 
-![饿了4](C:\Users\xiaobai\Desktop\CTFWP\饿了4.png)
+![ele4]( Img\ele4.png)
 
-![饿了3](C:\Users\xiaobai\Desktop\CTFWP\饿了3.png)
+![ele5]( Img\ele5.png)
 
-![饿了](C:\Users\xiaobai\Desktop\CTFWP\饿了.png)
+![ele6](Img\ele6.png)
 
 6.简简单单upload
 
-进去首先审计代码![image-20241120175357599](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241120175357599.png)
+进去首先审计代码![upload]( Img\upload.png)
 
 发先了它得上传逻辑，就是说它会将源文件改名并上传道upload得目录下，
 
 改名逻辑是时间戳+_+原名
 
-所以通过上传文件时的回显获得服务器时间![image-20241120175552506](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241120175552506.png)
+所以通过上传文件时的回显获得服务器时间![upload]( Img\upload2.png)
 
 然后写一个脚本换算时间戳
 
@@ -554,13 +548,13 @@ print("时间戳:", timestamp)
 
 于是上传一个一句话用蚁剑连接它
 
-![image-20241120180001594](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241120180001594.png)
+![upload]( Img\upload3.png)
 
 连接后查看根目录
 
 发现flag就在哪儿
 
-![image-20241120180041141](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241120180041141.png)
+![upload]( Img\upload4.png)
 
 但是打开是空白。发现是权限问题
 
@@ -568,7 +562,7 @@ print("时间戳:", timestamp)
 
 结果shell都无法使用
 
-![image-20241120180151021](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241120180151021.png)
+![upload]( Img\upload5.png)
 
 查阅资料，是php设置了disable_function
 
@@ -578,7 +572,7 @@ print("时间戳:", timestamp)
 
 发现可以用蚁剑插件绕过
 
-![image-20241120180327665](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241120180327665.png)
+![upload]( Img\upload6.png)
 
 成功绕过
 
@@ -607,11 +601,11 @@ find / -user root -perm -4000 -print 2>/dev/null
 
 一番尝试下
 
-![QQ20241120-131010](C:\Users\xiaobai\Desktop\CTFWP\QQ20241120-131010.png)
+![upload]( Img\upload7.png)
 
 成功获得flag
 
-然后得到flag![image-20241123000945812](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241123000945812.png)
+然后得到flag![upload]( Img\upload8.png)
 
 7.slowjson
 
@@ -631,7 +625,7 @@ spring会反序列化它们（实例化它们），从而让这些类运行起
 
 所以我只需要略作修改（指把地址改一下）就可以得到flag的anscii码
 
-![QQ20241122-235931](C:\Users\xiaobai\Desktop\CTFWP\QQ20241122-235931.png)
+![slowjson]( Img\slowjson.png)
 
 Reverse
 
@@ -639,7 +633,7 @@ Reverse
 
 走迷宫，首先ida打开看程序长什么样
 
-![image-20241121214612340](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241121214612340.png)
+![baby_Reverse]( Img\baby_Reverse.png)
 
 好的，键盘输入每一步的方位，anscii码分别对应的是up down right left的首字母
 
@@ -647,17 +641,17 @@ Reverse
 
 然后呢不难发现
 
-![image-20241121214758045](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241121214758045.png)
+![baby_Reverse]( Img\baby_Reverse2.png)
 
 就是存储地图数据的地方
 
 那么直接看迷宫啥样
 
-![image-20241121214923639](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241121214923639.png)
+![baby_Reverse]( Img\baby_Reverse3.png)
 
 整理一下
 
-![image-20241121214956387](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241121214956387.png)
+![baby_Reverse]( Img\baby_Reverse4.png)
 
 发现有部分道路堵塞，没关系，反正都在很后面了影响不大
 
@@ -665,11 +659,11 @@ Reverse
 
 然后就是用bfs算法算出路径
 
-![image-20241121215252170](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241121215252170.png)
+![baby_Reverse]( Img\baby_Reverse5.png)
 
 算出后取前面30个
 
-![image-20241121215315465](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241121215315465.png)
+![baby_Reverse]( Img\baby_Reverse6.png)
 
 （A为左右B为上下的位移）
 
@@ -681,7 +675,7 @@ flag就出了
 
 确实很easy，flag直接明文展示的
 
-![image-20241121215450519](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241121215450519.png)
+![easy]( Img\easy.png)
 
 拿就拿下呗
 
@@ -703,6 +697,6 @@ ida打开
 
 ce启动，启动变速齿轮，然后速度就正常了
 
-过关呗，然后flag拿下![image-20241121215929180](C:\Users\xiaobai\AppData\Roaming\Typora\typora-user-images\image-20241121215929180.png)
+过关呗，然后flag拿下![mini_game]( Img\mini_game.png)
 
-![QQ20241121-213758](C:\Users\xiaobai\Desktop\CTFWP\QQ20241121-213758.png)
\ No newline at end of file
+![mini_game](G:\wp\CTF\RedRockCTF\Img\mini_game2.png)
\ No newline at end of file