AlpacaHack Logo
Sign InSign Up
Daily AlpacaHack

A daily CTF challenge with a fun new puzzle every day

What is Daily AlpacaHack?

We publish one simple, beginner-friendly or educational CTF challenge every day!

Join Anytime

Solve within 24 hours of release to appear on the leaderboard.

Not a Competition

Discussion with friends or AI is welcome (account sharing is prohibited).

Solution Sharing Rules

Sharing solutions is allowed only after 24 hours have passed since release.

Solve stats

0

/171

No solved challenges yet.

Sign In to view your player stats

Today's Challenge
tchentchen
Kakuzuke
Web
Medium
54 solves
Submissions (latest 3)
krsanf

SOLVED!

May 20, 5:38 AM

pppp4649
pppp4649

SOLVED!

May 20, 5:00 AM

bear

SOLVED!

May 20, 4:44 AM

Leaderboard

Try the first challenge

Is this your first CTF? Let's begin by tackling the first challenge released on Daily AlpacaHack.

View challenge
admin
AlpacaHack 2100
Misc
Welcome🌱
1,799 solves
Upcoming challenges reveal the , , and in advance.
Prev

May 2026

Next
Solved
Unsolved
Upcoming
Mon
Tue
Wed
Thu
Fri
Sat
Sun
27
shiragishiragi
Unrevealed TXT
Misc
Easy🌱
125 solves
28
seriotonserioton
unheard
Misc
Medium
75 solves
29
minaminaominaminao
permission denied
Misc
Hard
78 solves
30
minaminaominaminao
permission denied 2
Misc
Medium
78 solves
1
admin
Alpaca++
Misc
Welcome🌱
229 solves
2
tchentchen
Alpaca Rangers 2
Web
Easy🌱
194 solves
3
pppp4649pppp4649
Small N
Crypto
Easy🌱
148 solves
4
hiikunzhiikunz
secret-table-2
Web
Medium
141 solves
5
seriotonserioton
do the math
Misc
Medium
110 solves
6
trimscashtrimscash
func-array
Pwn
Easy🌱
138 solves
7
minaminaominaminao
permission denied 3
Misc
Medium
110 solves
8
baumroll1234
Vending Machine
Misc
Easy🌱
168 solves
9
hiikunzhiikunz
reused n
Crypto
Medium
112 solves
10
rsk0315
Bounds Checking
Pwn
Hard
83 solves
11
seriotonserioton
Mirage
Rev
Easy🌱
119 solves
12
minaminaominaminao
hidden service
Misc
Medium
101 solves
13
tchentchen
Super Short Python Golf
Misc
Medium
114 solves
14
minaminaominaminao
Equation Cipher
Crypto
Medium
99 solves
15
tan90909090tan90909090
curl as a service
Web
Misc
Medium
104 solves
16
k0080k0080
Please Link This
Pwn
Hard
71 solves
17
tan90909090tan90909090
curl as a service 2
Web
Misc
Hard
81 solves
18
shiragishiragi
Flag for Switch
Web
Easy🌱
128 solves
19
pppp4649pppp4649
Small d
Crypto
Medium
91 solves
20
tchentchen
Kakuzuke
Web
Medium
54 solves
21
kakur41kakur41
Planned topicPython
Misc
Medium
22
nozokare
Planned topicOne-Time Password
Web
Medium
23
Coming soon
24
k0080k0080
Planned topicCUDA
Rev
Hard
25
Coming soon
26
Coming soon
27
Coming soon
28
Coming soon
29
Coming soon
30
rsk0315
Planned topicXSS
Web
Hard
31
ptr-yudaiptr-yudai
Planned topicStack
Pwn
Hard

Want a harder challenge?

Go to B-SIDE

Writeups

tadanobutubutu

Writeup for Small d

tadanobutubutu

ja
Small d

13 hours ago

Daily AlpacaHackに挑戦するつくよみちゃん 05/19 crypto/small d/pppp4649

tsukuyomi-chan

ja
Small d

13 hours ago

Writeup for Small d

goroshirow

ja
Small d

14 hours ago

Writeup for Daily AlpacaHack 5/11-5/17

labpump

ja
curl as a service 2

+6

17 hours ago

Writeup for Flag for Switch

baumroll1234

ja
Flag for Switch

2026/05/18 22:06

tadanobutubutu

Writeup for Flag for Switch

tadanobutubutu

ja
Flag for Switch

2026/05/18 19:58

Writeup for Flag for Switch

goroshirow

ja
Flag for Switch

2026/05/18 15:17

Daily AlpacaHackに挑戦するつくよみちゃん 05/18 web/Flag for Switch/shiragi

tsukuyomi-chan

ja
Flag for Switch

2026/05/18 15:09

nitcelcius

Writeup for curl as a service 2

nitcelcius

ja
curl as a service 2

2026/05/18 12:54

コメントを入力 Daily AlpacaHackに挑戦するつくよみちゃん 05/17 web-misc/curl as a service 2/tan90909090

tsukuyomi-chan

ja
curl as a service 2

2026/05/17 17:13

Rows:

permission denied 2

Topic: File PermissionReleased: Apr 30, 2026

78 solves
Misc
Medium

by

minaminao

minaminao

cat: flag.txt: Permission denied

NOTE: This challenge is related to permission denied.

Beginner Hint 1 (AI-translated)
  • If you connect with nc, you will notice that a shell starts.
  • If you read chal.sh, you can see that flag.txt is created with permission 400 before the shell starts.
  • This command is executed by the root user.
  • So 400 means that only the root user can read the file.
  • After that, runuser -u alpaca -- sh starts a shell as the alpaca user.
  • However, if you run cat flag.txt, you still get Permission denied, so you cannot read the flag.
  • How can you read the flag, then?
Beginner Hint 2 (AI-translated)
  • This is a meta-level hint, but why is the permission of flag.txt being set inside chal.sh in the first place?
  • The permission of chal.sh is specified in the Dockerfile.
  • In the same way, it should also be possible to set the permission of flag.txt in the Dockerfile.
  • Think about what behavioral difference is created between setting permissions in the Dockerfile and setting them later in chal.sh.
Beginner Hint 3 (AI-translated)
  • In the previous challenge, permission denied, the nobody user was used, but this time the alpaca user is used.
  • Also, the shell runs in the /home/alpaca directory.
  • What does this make possible?

[Announcement] Thank you for playing Daily AlpacaHack! We'd appreciate it if you could fill out the survey

permission-denied-2.tar.gz

Please sign in to submit the flag.

descriptionsolveswriteups