🍪 - AlpacaHack

Show TagsShow Solved

Rows:

CHALLENGE	AUTHORS	SOLVES (CURRENT)	SOLVE RATE (AT CONTEST TIME)
Welcome Misc	admin	1244 solves	-
AlpacaHack 2100 Misc Daily AlpacaHack	admin	669 solves	-
Simple Login Web AlpacaHack Round 2 (Web)	ark	510 solves	Top 28% = 84/300 users
a fact of CTF Crypto Daily AlpacaHack	xornet	465 solves	-
Emojify Web Daily AlpacaHack	ark	323 solves	-
echo Pwn AlpacaHack Round 1 (Pwn)	ptr-yudai	311 solves	Top 32% = 56/174 users
Leaked Flag Checker Rev Daily AlpacaHack	minaminao	299 solves	-
simpleoverflow Pwn Daily AlpacaHack	n01e0	269 solves	-
Treasure Hunt Web AlpacaHack Round 7 (Web)	ark	246 solves	Top 15% = 71/458 users
qrime Crypto AlpacaHack Round 3 (Crypto)	xornet	229 solves	Top 38% = 91/239 users
hit-and-miss Misc Daily AlpacaHack	ark	213 solves	-
Country DB Web CakeCTF 2023	ptr-yudai	205 solves	Top 33% = 246/729 teams
size limit Crypto Daily AlpacaHack	jp3bgy	192 solves	-
Read Assembly Rev Daily AlpacaHack	xrekkusu	191 solves	-
Integer Writer Pwn Daily AlpacaHack	mora	191 solves	-
Alpaca Bank Web Daily AlpacaHack	hiikunz	188 solves	-
inbound Pwn AlpacaHack Round 6 (Pwn)	ptr-yudai	187 solves	Top 28% = 57/197 users
Safe Prime Crypto Daily AlpacaHack	ptr-yudai	164 solves	-
Fully Padded RSA Crypto Daily AlpacaHack	yu212	161 solves	-
masking tape Rev AlpacaHack Round 8 (Rev)	arata-nvm	160 solves	Top 19% = 61/316 users

Rows:

🍪

SECCON CTF 13 決勝観戦CTF

175 solves

Web Beginner

Author:

minaminao

Show Tags

ある条件を満たすとフラグが得られるようです

import Fastify from "fastify";
import fastifyCookie from "@fastify/cookie";

const fastify = Fastify();
fastify.register(fastifyCookie);

fastify.get("/", async (req, reply) => {
  reply.setCookie('admin', 'false', { path: '/', httpOnly: true });
  if (req.cookies.admin === "true")
    reply.header("X-Flag", process.env.FLAG);
  return "can you get the flag?";
});

fastify.listen({ port: process.env.PORT, host: "0.0.0.0" });

*完全なソースコードは以下からダウンロード可能です。

cookie.tar.gz

description solves writeups