Each challenge is a repository with a vulnerable GitHub Actions workflow. Your goal: exploit it to extract a secret token, then use that token to open an issue in the corresponding flag repo.
- Pick a challenge below and read its README
- Trigger the workflow (open a PR, post an issue comment, etc. β the README tells you how)
- Exploit the vulnerability to extract
WORKSHOP_TOKEN - Submit your flag:
curl -X POST \
-H "Authorization: Bearer WORKSHOP_TOKEN" \
-H "Accept: application/vnd.github+json" \
https://api.github.com/repos/kodeverksted/flag-N/issues \
-d '{"title":"Flag","body":"user: YOUR_GITHUB_USERNAME"}'Replace
WORKSHOP_TOKEN,N, andYOUR_GITHUB_USERNAMEaccordingly.
- Tokens are automatically rotated every 5 minutes, or on demand.
- Please do not leak tokens intentionally, GitHub will automatically revoke them interrupting the challenge for everyone.
- BUT mistakes happen, do not be afraid to experiment! Just don't keep leaking tokens over and over again.
- If you get 401 when trying to use a challenge token, wait a minute and fetch a newly issued one by triggering the workflow again.
| # | Difficulty | Repo |
|---|---|---|
| 1 | π’ Easy | challenge-1 |
| 2 | π’ Easy | challenge-2 |
| 3 | π‘ Medium | challenge-3 |
| 4 | π‘ Medium | challenge-4 |
| 5 | π Hard | challenge-5 |
| 6 | π Hard | challenge-6 |
| 7 | π΄ Expert | challenge-7 |