🍪 - AlpacaHack

Show TagsShow Solved

Rows:

CHALLENGE	AUTHORS	SOLVES (CURRENT)	SOLVE RATE (AT CONTEST TIME)
AlpacaHack 2100 Misc Daily AlpacaHack	admin	1645 solves	-
Welcome Misc	admin	1546 solves	-
a fact of CTF Crypto Daily AlpacaHack	xornet	883 solves	-
Simple Login Web AlpacaHack Round 2 (Web)	ark	612 solves	Top 28% = 84/300 users
Emojify Web Daily AlpacaHack	ark	597 solves	-
Leaked Flag Checker Rev Daily AlpacaHack	minaminao	569 solves	-
simpleoverflow Pwn SECCON Beginners CTF 2024	n01e0	510 solves	Top 73% = 683/928 teams
super-tomato Crypto Daily AlpacaHack	kanon	392 solves	-
hit-and-miss Misc Daily AlpacaHack	ark	388 solves	-
echo Pwn AlpacaHack Round 1 (Pwn)	ptr-yudai	357 solves	Top 32% = 56/174 users
Xmas Login Web Daily AlpacaHack	hiikunz	355 solves	-
Fushigi Crawler Web Daily AlpacaHack	minaminao	346 solves	-
Alpaca Bank Web Daily AlpacaHack	hiikunz	332 solves	-
Integer Writer Pwn Daily AlpacaHack	mora	328 solves	-
size limit Crypto Daily AlpacaHack	jp3bgy	320 solves	-
Encoding Basics Misc Crypto Daily AlpacaHack	kurenaif	318 solves	-
Read Assembly Rev Daily AlpacaHack	xrekkusu	314 solves	-
🐈 Web Daily AlpacaHack	ark	312 solves	-
Bars Web Daily AlpacaHack	kakur41	301 solves	-
108 Misc Daily AlpacaHack	admin	296 solves	-

Rows:

🍪

SECCON CTF 13 決勝観戦CTF

175 solves

Beginner Web

Author:

minaminao

ある条件を満たすとフラグが得られるようです

import Fastify from "fastify";
import fastifyCookie from "@fastify/cookie";

const fastify = Fastify();
fastify.register(fastifyCookie);

fastify.get("/", async (req, reply) => {
  reply.setCookie('admin', 'false', { path: '/', httpOnly: true });
  if (req.cookies.admin === "true")
    reply.header("X-Flag", process.env.FLAG);
  return "can you get the flag?";
});

fastify.listen({ port: process.env.PORT, host: "0.0.0.0" });

*完全なソースコードは以下からダウンロード可能です。

cookie.tar.gz

description solves writeups