AlpacaHack Logo
Sign InSign Up
Daily AlpacaHack

A daily CTF challenge with a fun new puzzle every day

What is Daily AlpacaHack?

We publish one simple, beginner-friendly or educational CTF challenge every day!

Join Anytime

Solve within 24 hours of release to appear on the leaderboard.

Not a Competition

Discussion with friends or AI is welcome (account sharing is prohibited).

Solution Sharing Rules

Sharing solutions is allowed only after 24 hours have passed since release.

Solve stats

0

/7

No solved challenges yet.

Sign In to view your player stats

Today's Challenge
hiikunzhiikunz
Lazy RSA
Crypto
Medium
23 solves
Submissions (latest 3)
bhcnumas

SOLVED!

Jul 6, 6:28 PM

Leaderboard

Try the first challenge

Is this your first CTF? Let's begin by tackling the first challenge released on Daily AlpacaHack.

View challenge
admin
AlpacaHack 2100
Misc
Welcome🌱
1,948 solves
Upcoming challenges reveal the , , and in advance.
Prev

Jul 2026

Next
Solved
Unsolved
Upcoming
Mon
Tue
Wed
Thu
Fri
Sat
Sun
29
tchentchen
Nano Services
Web
Medium
69 solves
30
minaminaominaminao
Super Short System Exit
Misc
Medium
77 solves
1
admin
Alpaca Nation
Misc
Welcome🌱
155 solves
2
hiikunzhiikunz
Flag is A+B
Crypto
Easy🌱
109 solves
3
tchentchen
Lucky Redirect
Web
Easy🌱
101 solves
4
hiikunzhiikunz
Renda
Rev
Medium
81 solves
5
tchentchen
IP Blocked Secret
Web
Hard
55 solves
6
minaminaominaminao
duplicate entry
Misc
Easy🌱
89 solves
7
hiikunzhiikunz
Lazy RSA
Crypto
Medium
23 solves
8
minaminaominaminao
Planned topicMAC
Crypto
Medium
9
Planned topicPython
Misc
Easy🌱
10
Coming soon
11
Coming soon
12
Planned topicC++
Rev
Hard
13
Coming soon
14
Coming soon
15
Coming soon
16
Coming soon
17
Coming soon
18
Coming soon
19
Coming soon
20
Coming soon
21
Coming soon
22
Coming soon
23
Coming soon
24
Coming soon
25
Coming soon
26
Coming soon
27
Coming soon
28
Coming soon
29
Coming soon
30
Coming soon
31
Coming soon
1
Coming soon
2
Coming soon

Want a harder challenge?

Go to B-SIDE

Writeups

Writeup for duplicate entry

baumroll1234

ja
duplicate entry

5 hours ago

tchen

Writeup for Nano Services

author
en

13 hours ago

tchen

Writeup for Lucky Redirect

author
en

13 hours ago

nirvana

Writeup for IP Blocked Secret

nirvana

Writeup for Renda

ja

2026/07/05 04:11

Daily AlpacaHackに挑戦するつくよみちゃん07/04/Renda/hiikunz

ja

2026/07/04 19:50

nitcelcius

Writeup for Renda (by reading some code)

ja

2026/07/04 16:38

nitcelcius

Writeup for Flag is A+B

ja

2026/07/04 15:38

Rows:

Emojify

Topic: Server-SideReleased: Dec 3, 2025

682 solves
Web
Medium4.0

by

ark

ark

:pizza: -> 🍕

Beginner Hint 1: About Difficulty
  • This challenge is in the Web category, i.e., web applications.
  • Unlike yesterday's challenge, which was Easy, this one is Medium.
  • Daily AlpacaHack currently defines four difficulty levels: Easy, Medium, Hard, and Very Hard.
  • Medium is one step above Easy. If Daily AlpacaHack is your first exposure to CTF, solving it may be tough.
  • If you get stuck, feel free to lean on AI to find a starting point for the solution.
  • Even if you can't solve it, check other players' solutions (writeups) afterward to review and learn.
  • 24 hours after release, a writeup tab will appear in the tab bar below.
Beginner Hint 2: Running the Challenge Locally
  • After extracting the attachment, you'll find compose.yaml, Dockerfile, and directories for three services.
  • Modern CTFs often ship a Docker Compose file so players can reproduce the remote environment locally.
  • From the root of the distribution, run docker compose up.
  • With default settings, the challenge server will start at http://localhost:3000/.
  • Use this local server to investigate vulnerabilities and to test the solver you build.
Beginner Hint 3: Approach to Solving the Challenge (AI-translated)
  • Start by reading the source code to understand what kind of web service is running.
  • It will be easier to understand if you read the code while checking how the challenge server behaves locally.
  • Once you roughly understand the service's behavior, the next step is to identify the goal.
  • Think about where the flag is and what you need to be able to do to obtain it. Then you will see that achieving that "what you need to be able to do" is the point of this challenge.
  • The challenge server is written in JavaScript.
  • To check the detailed behavior of JavaScript functions, it is useful to have an interactive environment where you can run JavaScript.
  • Try running the node command in your local terminal and experimenting with it.
  • It is also useful to look up the specifications of the JavaScript functions used in the challenge.
  • MDN documentation (https://developer.mozilla.org/en-US/docs/Web) is accurate and comprehensive, so it is a useful information resource.
emojify.tar.gz

Please sign in to submit the flag.

descriptionsolveswriteups