Simple log viewer with regex feature.
Beginner Hint: What is an instance spawner?
- In CTFs, some challenges require dynamically creating a separate challenge server for each player (or team).
- For example, if a player can change the state of a challenge server, it may affect other players.
- To handle such issues, an instance spawner is provided.
- On AlpacaHack, clicking the "Spawn Challenge Server" button automatically creates an isolated challenge server for each user.
- This challenge also uses an instance spawner.
- To help reduce server load, please try to solve the challenge locally before spawning.
- Note that on Daily AlpacaHack, even for challenges that do not require an instance spawner, the challenge server may be stopped after some time has passed since release, and the "Spawn Challenge Server" button will then appear.
Beginner Hint: The Starting Point of the Attack
- The goal of this challenge is to read the flag file located in the root directory.
- The starting point for achieving this is an OS command injection in the query part of the awk command.
Beginner Hint: Pitfalls in Payload Construction
- In Python,
subprocess.runmethod executes commands without going through a shell like Bash. - As a result, you cannot split commands using
;or perform command substitution with$(command).