🍪 - SECCON CTF 13 決勝観戦CTF

SECCON CTF 13 決勝観戦CTF

CTF is over!

Sign In Sign Up

Top Challenges Scoreboard Writeups

Show Solved

Beginner & Welcome

100 pts (167 solves)

Author:

minaminao

Beginner & Crypto

100 pts (152 solves)

Author:

minaminao

Beginner & Web

100 pts (139 solves)

Author:

minaminao

Rev & Beginner

Beginner's Flag Printer

100 pts (121 solves)

Author:

minaminao

Beginner & Misc

100 pts (89 solves)

Author:

minaminao

Beginner & Pwn

Can U Keep A Secret?

100 pts (31 solves)

Author:

minaminao

Crypto

100 pts (40 solves)

Author:

minaminao

100 pts (81 solves)

Author:

minaminao

100 pts (10 solves)

Author:

minaminao

Customizable EC

100 pts (11 solves)

Author:

minaminao

Rev

100 pts (38 solves)

Author:

minaminao

Slow Flag Printer

100 pts (10 solves)

Author:

minaminao

Concurrent Flag Printer

100 pts (3 solves)

Author:

minaminao

Web

100 pts (8 solves)

Author:

minaminao

100 pts (15 solves)

Author:

minaminao

100 pts (6 solves)

Author:

minaminao

Misc

100 pts (19 solves)

Author:

minaminao

🍪

100 pts (139 solves)

Beginner

Web

Author:

minaminao

ある条件を満たすとフラグが得られるようです

import Fastify from "fastify";
import fastifyCookie from "@fastify/cookie";

const fastify = Fastify();
fastify.register(fastifyCookie);

fastify.get("/", async (req, reply) => {
  reply.setCookie('admin', 'false', { path: '/', httpOnly: true });
  if (req.cookies.admin === "true")
    reply.header("X-Flag", process.env.FLAG);
  return "can you get the flag?";
});

fastify.listen({ port: process.env.PORT, host: "0.0.0.0" });

*完全なソースコードは以下からダウンロード可能です。

description solves writeups