Skip to main content

7. Httprace

Challenge Overview

In this challenge, you will interact with a basic HTTP server implemented in C. Your task is to exploit a vulnerability in the server to read the contents of flag.txt.

Submission

Once you've obtained the flag, please submit it to our CTF server. Then, submit both your exploit code and a 1-page report through ETL. Your report should briefly explain the code you used to get the flag and how you solved the challenge. Please do not cheat, share your flag, or disclose your solutions. Ensure that your report is strictly limited to 1 page.

Before submitting, use this command to compress your files: zip report.zip solve.py report.pdf. Make sure to rename your exploit code to solve.py and your report to report.pdf before running this command. Finally, submit report.zip through ETL.

If you fail to get the flag, you don't need to include the solve.py in the report.zip. Instead, please document your findings and attempts (such as identified vulnerabilities, exploitation approach, etc.) in report.pdf. Partial credit will be awarded based on the content.