open-education-hub · gabrielmocanu · Jan 2, 2026 · Jun 30, 2023 · Jun 30, 2023 · Jun 30, 2023
diff --git a/...ication-security/cookies-and-session-management/drills/beep-beep-boop/README.md b/...ication-security/cookies-and-session-management/drills/beep-beep-boop/README.md
@@ -0,0 +1,27 @@
+# Name: Beep beep boop
+
+## Description
+
+Get the flag from http://141.85.224.115:8088.
+
+Score: 50
+
+## Vulnerability
+
+Information disclosure in robots.txt leading to a hidden PHP file. The cookie from that page also needs to be set to a certain value.
+
+## Exploit
+
+Script in `./sol/solution.sh`
+
+## Environment
+
+Apache web server. (deployable as a Docker container using files in `deploy/` folder)
+
+## Deploy
+
+Copy `deploy/` folder and run `make run`.
+
+If you need to update the image and container, remove the old container with `make clean` and update the image (and container) using `make`.
+
+It is not possible to update the container without updating the image first.
diff --git a/...plication-security/cookies-and-session-management/drills/beep-beep-boop/deploy/Dockerfile b/...plication-security/cookies-and-session-management/drills/beep-beep-boop/deploy/Dockerfile
@@ -0,0 +1,14 @@
+# Stage 1: Generate the source file with the flag
+FROM alpine:latest AS builder
+
+ARG FLAG
+COPY src/73656372657420666f72204153494d4f.template.php /tmp/73656372657420666f72204153494d4f.template.php
+RUN sed "s/__TEMPLATE__/${FLAG}/g" /tmp/73656372657420666f72204153494d4f.template.php > /tmp/73656372657420666f72204153494d4f.php
+
+# Stage 2: Final image
+FROM php:7.2-apache
+
+COPY src/index.html /var/www/html/
+COPY src/robots.txt /var/www/html/
+COPY src/assets /var/www/html/assets
+COPY --from=builder /tmp/73656372657420666f72204153494d4f.php /var/www/html/
diff --git a/...application-security/cookies-and-session-management/drills/beep-beep-boop/deploy/Makefile b/...application-security/cookies-and-session-management/drills/beep-beep-boop/deploy/Makefile
@@ -0,0 +1,19 @@
+EXTERNAL_PORT := 8088
+INTERNAL_PORT := 80
+NAME := cookies-and-session-management_beep-beep-boop
+FLAG := $(shell cat ../flag)
+
+run: build
+	docker run -d -p $(EXTERNAL_PORT):$(INTERNAL_PORT) --name $(NAME) -t $(NAME)
+
+build:
+	docker build --build-arg FLAG="$(FLAG)" -t $(NAME) -f Dockerfile ..
+
+stop:
+	docker stop $(NAME)
+
+clean: stop
+	docker rm $(NAME)
+	docker image rm $(NAME):latest
+
+.PHONY: run build stop clean
diff --git a/chapters/web-application-security/cookies-and-session-management/drills/beep-beep-boop/flag b/chapters/web-application-security/cookies-and-session-management/drills/beep-beep-boop/flag
@@ -0,0 +1 @@
+SSS{We_w0rsh1p_1saac_As1m0v}
diff --git a/...ession-management/drills/beep-beep-boop/src/73656372657420666f72204153494d4f.template.php b/...ession-management/drills/beep-beep-boop/src/73656372657420666f72204153494d4f.template.php
@@ -0,0 +1,9 @@
+<?php
+setcookie('robotType', 'HUMAN'); // 48756d616e
+
+if ($_COOKIE['robotType'] == 'ASIMOV') { // 4153494d4f
+	echo 'Congrats! You’ve proven to be worthy. <br />Here is your secret: __TEMPLATE__';
+} else {
+	echo 'This is a secure area that can only be accessed by the most advanced humanoid robots.';
+}
+?>