Sometimes auditing nginx configurations is difficult, here is a snippet of collected configurations from production.
The challenge only works on the http3 protocol (in our case: port 18443/udp).
Remember to use the "custom" http3 client and skip ssl verification :).Host: quiclookthis.ecsc22.hack.cert.pl
Port: 18443/udp
Hint: There are some interesting lines in the Dockerfile:
&& echo "Patching nginx lines 713,803 ..." \ && awk 'BEGIN{ i=0; } { i++; if(i==713 || i==803) print "return NGX_OK;"; else print $0; }' ./src/http/v3/ngx_http_v3_request.c > ./tmp.c \ && mv -f ./tmp.c ./src/http/v3/ngx_http_v3_request.c \
Format flagi:
ecsc{litery_cyfry_i_znaki_specjalne}.
W razie wątpliwości lub pytań dotyczących konkursu zapraszamy na naszego Discorda: https://discord.gg/gAtRKa2rcn.