(web): Added wheres_the_sauce challenge

web/wheres_the_sauce/challenge.yml

@@ -0,0 +1,27 @@
+name: "Where's The Sauce?"
+author: "sAINT_barber"
+category: web
+
+description: |
+  There should be a flag somewhere on this site, but the developer has hidden it well.
+  Luckily we have the source code!
+
+value: 500
+type: dynamic_docker
+extra:
+  initial: 500
+  minimum: 100
+  decay: 25
+  redirect_type: http
+  compose_stack: !filecontents docker-compose.yml
+
+
+flags:
+  - CTF{r34d_th3_50urc3_und3r57and_th3_5auc3}
+
+tags:
+  - beginner
+
+
+state: visible
+version: "0.1"

web/wheres_the_sauce/docker-compose.yml

@@ -0,0 +1,9 @@
+services:
+
+  app:
+    image: ghcr.io/cybermouflons/ccsc2024/wheres_the_sauce:latest 
+    build: ./setup/
+    ports:
+      - 3000:3000
+    environment:
+      flag: CTF{r34d_th3_50urc3_und3r57and_th3_5auc3} 

web/wheres_the_sauce/package.json

@@ -0,0 +1 @@
+{}

web/wheres_the_sauce/setup/.dockerignore

@@ -0,0 +1,2 @@
+node_modules
+Dockerfile

web/wheres_the_sauce/setup/Dockerfile

@@ -0,0 +1,17 @@
+FROM node:20
+
+WORKDIR /app
+
+COPY package*.json ./
+
+COPY routes/ routes/
+COPY static/ static/
+COPY views/ views/
+COPY server.js server.js
+
+RUN npm install
+
+EXPOSE 3000
+# CMD ["npm", "run", "dev"] 
+
+CMD ["npm", "run", "start"]

web/wheres_the_sauce/setup/package.json

@@ -0,0 +1,18 @@
+{
+  "name": "web_template",
+  "version": "1.0.0",
+  "description": "Web challenge template for GT's beginners quest",
+  "main": "server.js",
+  "scripts": {
+    "dev": "nodemon -e html,js server.js",
+    "start": "node server.js"
+  },
+  "author": "sAINT_barber",
+  "license": "ISC",
+  "dependencies": {
+    "express": "^4.19.2",
+    "nodemon": "^3.1.4",
+    "nunjucks": "^3.2.4",
+    "sqlite-async": "1.1.2"
+  }
+}

web/wheres_the_sauce/setup/routes/index.js

@@ -0,0 +1,47 @@
+const express = require('express')
+const router = express.Router({ caseSensitive: true });
+
+const response = data => ({ message: data });
+flag = process.env.flag
+
+const flag_part_1 = flag.slice(0, flag.length / 2)
+const flag_part_2 = flag.slice(flag.length / 2, flag.length)
+
+
+router.get('/', async (req, res) => {
+
+    return res.render('index.html');
+});
+
+
+router.get('/flag-endpoint-1', async (req, res) => {
+    error=""
+    success=""
+
+    if(req.query.secret_param1 == 1337){
+        if(req.headers.give_me == "my_flag_please"){
+            if(req.query.secret_param2 == 7331){
+
+                return res.render('index.html', {success: flag_part_1});
+
+            }
+        }
+    }
+
+    return res.render('index.html', {error: "No flag for you!"});
+});
+
+
+router.options('/flag-endpoint-2', async (req, res) => {
+
+    success=""
+
+    return res.render('index.html', {success: flag_part_2});
+});
+
+
+module.exports = database => {
+    db = database;
+    return router;
+};
+

web/wheres_the_sauce/setup/server.js

@@ -0,0 +1,38 @@
+const express = require('express');
+const nunjucks = require('nunjucks');
+const bodyParser = require('body-parser');
+const http = require('http');
+
+app = express();
+
+var httpServer = http.createServer(app);
+const routes = require('./routes'); 
+
+app.use(bodyParser.urlencoded({ extended: true }));
+app.use(express.json());
+
+nunjucks.configure('views', {
+  autoescape: true,
+  express: app
+});
+
+app.set('view engine', 'nunjucks');
+app.set('views', './views');
+app.use(express.static('./static'));
+
+
+app.use(routes());
+
+app.use(function(err, req, res, next) {
+    console.log(err)
+    res.status(500).json({ message: 'You broke me :(' });
+  });
+
+(async() => {
+
+
+    httpServer.listen(3000, () => {
+        console.log(`Server running at http://0.0.0.0:3000/`);
+    });
+
+})();