AlpacaHack Logo
Sign InSign Up
Daily AlpacaHack

A daily CTF challenge with a fun new puzzle every day

What is Daily AlpacaHack?

We publish one simple, beginner-friendly or educational CTF challenge every day!

Join Anytime

Solve within 24 hours of release to appear on the leaderboard.

Not a Competition

Discussion with friends or AI is welcome (account sharing is prohibited).

Solution Sharing Rules

Sharing solutions is allowed only after 24 hours have passed since release.

Solve stats

0

/20

No solved challenges yet.

Sign In to view your player stats

Today's Challenge
tchentchen
Alpaca Blog
Web
Easy🌱
25 solves
Submissions (latest 3)
bsvac

SOLVED!

Jul 19, 8:14 PM

panya

SOLVED!

Jul 19, 7:24 PM

Leaderboard

Try the first challenge

Is this your first CTF? Let's begin by tackling the first challenge released on Daily AlpacaHack.

View challenge
admin
AlpacaHack 2100
Misc
Welcome🌱
1,986 solves
Upcoming challenges reveal the , , and in advance.
Prev

Jul 2026

Next
Solved
Unsolved
Upcoming
Mon
Tue
Wed
Thu
Fri
Sat
Sun
29
tchentchen
Nano Services
Web
Medium
87 solves
30
minaminaominaminao
Super Short System Exit
Misc
Medium
82 solves
1
admin
Alpaca Nation
Misc
Welcome🌱
221 solves
2
hiikunzhiikunz
Flag is A+B
Crypto
Easy🌱
134 solves
3
tchentchen
Lucky Redirect
Web
Easy🌱
125 solves
4
hiikunzhiikunz
Renda
Rev
Medium
105 solves
5
tchentchen
IP Blocked Secret
Web
Hard
64 solves
6
minaminaominaminao
duplicate entry
Misc
Easy🌱
131 solves
7
hiikunzhiikunz
Lazy RSA
Crypto
Medium
100 solves
8
minaminaominaminao
Let's Poly1305!
Crypto
Medium
75 solves
9
shiragishiragi
private method
Misc
Easy🌱
125 solves
10
hiikunzhiikunz
secret-table-3
Web
Medium
82 solves
11
baumroll1234
A slight mistake
Pwn
Hard
69 solves
12
tan90909090tan90909090
13
baumroll1234
Redirecting to Login Page
Web
Easy🌱
134 solves
14
tchentchen
You've Got Shlex
Misc
Medium
83 solves
15
minaminaominaminao
Let's Poly1305! 2
Crypto
Hard
63 solves
16
tchentchen
Beat the Alpaca Lord
Web
Medium
87 solves
17
pppp4649pppp4649
biribiri
Crypto
Medium
82 solves
18
tchentchen
Greetings CGI
Web
Hard
63 solves
19
hiikunzhiikunz
no win func
Pwn
Hard
55 solves
20
tchentchen
Alpaca Blog
Web
Easy🌱
25 solves
21
Coming soon
22
Coming soon
23
Coming soon
24
Coming soon
25
minaminaominaminao
Planned topicCache
Web
Hard
26
Planned topicPython
Web
Hard
27
Coming soon
28
Coming soon
29
Coming soon
30
Coming soon
31
Coming soon
2
Coming soon

Want a harder challenge?

Go to B-SIDE

Writeups

ojun

Writeup for no win func

ojun

ja
no win func

5 hours ago

kurimochi

Writeup for You've Got Shlex (shlex only)

nitcelcius

Writeup for You've Got Shlex

ja

2026/07/18 12:59

edwowmath

Writeup for Compile time flag checker

tchen

Writeup for You've Got Shlex

author
en

2026/07/16 01:15

tchen

Writeup for IP Blocked Secret

author
en

2026/07/15 23:53

Rows:

permission denied 2

Topic: File PermissionReleased: Apr 30, 2026

83 solves
Misc
Medium5.5

by

minaminao

minaminao

cat: flag.txt: Permission denied

NOTE: This challenge is related to permission denied.

Beginner Hint 1 (AI-translated)
  • If you connect with nc, you will notice that a shell starts.
  • If you read chal.sh, you can see that flag.txt is created with permission 400 before the shell starts.
  • This command is executed by the root user.
  • So 400 means that only the root user can read the file.
  • After that, runuser -u alpaca -- sh starts a shell as the alpaca user.
  • However, if you run cat flag.txt, you still get Permission denied, so you cannot read the flag.
  • How can you read the flag, then?
Beginner Hint 2 (AI-translated)
  • This is a meta-level hint, but why is the permission of flag.txt being set inside chal.sh in the first place?
  • The permission of chal.sh is specified in the Dockerfile.
  • In the same way, it should also be possible to set the permission of flag.txt in the Dockerfile.
  • Think about what behavioral difference is created between setting permissions in the Dockerfile and setting them later in chal.sh.
Beginner Hint 3 (AI-translated)
  • In the previous challenge, permission denied, the nobody user was used, but this time the alpaca user is used.
  • Also, the shell runs in the /home/alpaca directory.
  • What does this make possible?

[Announcement] Thank you for playing Daily AlpacaHack! We'd appreciate it if you could fill out the survey

permission-denied-2.tar.gz

Please sign in to submit the flag.

descriptionsolveswriteups