AlpacaHack Logo

Tag: File Permission

Sign InSign Up

File Permission

Related:
#Linux

No description is available for this tag.

Updated Apr 24, 2026
File Permission Challenges
permission denied
minaminao

minaminao

Misc
76 solves
permission denied 2
minaminao

minaminao

Misc
75 solves

permission denied 2

Daily AlpacaHackTopic: File PermissionReleased: Apr 30, 2026

75 solves
Misc

by

minaminao

minaminao

cat: flag.txt: Permission denied

NOTE: This challenge is related to permission denied.

Beginner Hint 1 (AI-translated)
  • If you connect with nc, you will notice that a shell starts.
  • If you read chal.sh, you can see that flag.txt is created with permission 400 before the shell starts.
  • This command is executed by the root user.
  • So 400 means that only the root user can read the file.
  • After that, runuser -u alpaca -- sh starts a shell as the alpaca user.
  • However, if you run cat flag.txt, you still get Permission denied, so you cannot read the flag.
  • How can you read the flag, then?
Beginner Hint 2 (AI-translated)
  • This is a meta-level hint, but why is the permission of flag.txt being set inside chal.sh in the first place?
  • The permission of chal.sh is specified in the Dockerfile.
  • In the same way, it should also be possible to set the permission of flag.txt in the Dockerfile.
  • Think about what behavioral difference is created between setting permissions in the Dockerfile and setting them later in chal.sh.
Beginner Hint 3 (AI-translated)
  • In the previous challenge, permission denied, the nobody user was used, but this time the alpaca user is used.
  • Also, the shell runs in the /home/alpaca directory.
  • What does this make possible?

[Announcement] Thank you for playing Daily AlpacaHack! We'd appreciate it if you could fill out the survey

permission-denied-2.tar.gz
descriptionsolveswriteups