chore(cookies): update colors challenge

gabrielmocanu · gabrielmocanu · commit 1d6985df99e5 · 2026-01-02T13:55:32.000+02:00
Signed-off-by: Gabriel Mocanu &lt;gabi.mocanu98@gmail.com&gt;
diff --git a/chapters/web-application-security/cookies-and-session-management/drills/colors/README.md b/chapters/web-application-security/cookies-and-session-management/drills/colors/README.md
@@ -2,7 +2,7 @@
 
 ## Description
 
-Get the flag from http://141.85.224.115:8002/colors.
+Get the flag from http://141.85.224.115:8002.
 
 Score: 50
 
diff --git a/chapters/web-application-security/cookies-and-session-management/drills/colors/deploy/Dockerfile b/chapters/web-application-security/cookies-and-session-management/drills/colors/deploy/Dockerfile
@@ -1,3 +1,11 @@
+# Stage 1: Generate the source file with the flag
+FROM alpine:latest AS builder
+
+ARG FLAG
+COPY src/index.template.php /tmp/index.template.php
+RUN sed "s/__TEMPLATE__/${FLAG}/g" /tmp/index.template.php > /tmp/index.php
+
+# Stage 2: Final image
 FROM php:7.2-apache
 
-COPY /public /var/www/html/
+COPY --from=builder /tmp/index.php /var/www/html/
diff --git a/chapters/web-application-security/cookies-and-session-management/drills/colors/deploy/Makefile b/chapters/web-application-security/cookies-and-session-management/drills/colors/deploy/Makefile
@@ -1,16 +1,19 @@
-FILE	:=../flag
-FLAG	:=$(shell cat $(FILE))
-
-build:
-	docker build -f Dockerfile -t sss-web-02_colors ..
+EXTERNAL_PORT := 8082
+INTERNAL_PORT := 80
+NAME := cookies-and-session-management_colors
+FLAG := $(shell cat ../flag)
 
 run: build
-	docker run -d -p 8082:80 --name sss-web-02_colors sss-web-02_colors
+	docker run -d -p $(EXTERNAL_PORT):$(INTERNAL_PORT) --name $(NAME) -t $(NAME)
+
+build:
+	docker build --build-arg FLAG="$(FLAG)" -t $(NAME) -f Dockerfile ..
 
 stop:
-	docker stop sss-web-02_colors
+	docker stop $(NAME)
 
 clean: stop
-	docker rm sss-web-02_colors
+	docker rm $(NAME)
+	docker image rm $(NAME):latest
 
-.PHONY: build run stop clean
+.PHONY: run build stop clean
diff --git a/chapters/web-application-security/cookies-and-session-management/drills/colors/public/index.php b/chapters/web-application-security/cookies-and-session-management/drills/colors/public/index.php
diff --git a/chapters/web-application-security/cookies-and-session-management/drills/colors/sol/solution.sh b/chapters/web-application-security/cookies-and-session-management/drills/colors/sol/solution.sh
@@ -1,25 +1,22 @@
 #!/bin/bash
 PORT=8082
 
-if [[ $1 == "local" ]]
-then
-    url='http://127.0.0.1:'$PORT
-elif [[ $1 == "remote" ]] && [[ -z $2 ]] 
-then
-    url='http://141.85.224.115:'$PORT
+if [[ $1 == "local" ]]; then
+  url='http://127.0.0.1:'$PORT
+elif [[ $1 == "remote" ]] && [[ -z $2 ]]; then
+  url='http://141.85.224.115:'$PORT
 else
-    url=$1':'$2
+  url=$1':'$2
 fi
 
 # Colors
 echo "Start exploit for Colors"
-url=$url'/colors/index.php?index='
-for i in {3000..4000}
-do
-    flag=$(curl -s $url$i | grep -o "SSS{.*}")
-    if [[ ! -z $flag ]]; then
-        break
-    fi
+url=$url'/index.php?index='
+for i in {3000..4000}; do
+  flag=$(curl -s $url$i | grep -o "SSS{.*}")
+  if [[ ! -z $flag ]]; then
+    break
+  fi
 done
 echo "Flag is $flag"
 echo "----------------------------"
diff --git a/chapters/web-application-security/cookies-and-session-management/drills/colors/src/Makefile b/chapters/web-application-security/cookies-and-session-management/drills/colors/src/Makefile
