Zipped Up

Miscellaneous [70 pts]

It appears that the file in question has been zipped many times. Sure enough, when I click the link it downloads me a .zip file.

When unzipped, this file results in a folder named “0” and inside that folder, results another zipped file. This time, ending in .tar.bz2.

When I unzip this file, it results in another folder, named “1” and in that folder there is a file named 1.tar.

When this is unzipped, it reveals a .txt file and yet another file.

When opening the .txt, we get a flag – however, it claims it is not the flag.

It really is not the flag.

When I unzipped the file further, the pattern repeated. Every few unzips, there would be another .txt file with the same message.

Okay, so I have to write a script to make this process automated. Lets jump into linux.

I created a simple bash script that would do some terminal commands over and over. I made bash script, and then I made a loop.


while [ $MYNUM -le 999 ]

MYNUM=$(( $MYNUM + 1 ))

^ Basically, every time it loops, the variable MYNUM increases by one. Eventually, it will stop looping. It will repeat about a thousand times.

Okay, lets add some commands. At first I thought I would use the tar command to unzip the files, and gzip and bzip and the rest for their respective file extensions. However, I realized that that would just be troublesome – I don’t want to have to manage 3 or 4 different tools and commands to unzip each file, right? So I thought I might find a single tool that can unzip every file extension type. And of course, my favorite would be 7zip.

On linux, that would be p7zip, as the command line tool. Lets add it into the loop.

Basically, all this command does is it looks for any file in the immediate directory and attempts to unzip it.

7z x *.* -oA – 7z (command) x (extract to full path) *.* (wildcard . wildcard — any file name with any extension) -oA (create a new directory, named “A”)

Then we have to make a way for the terminal to change directory into that new folder. This way, when it repeats, it will unzip the new .zip instead of the old one.

However, notice how I specifically asked 7zip to create a new directory, every time? Wouldn’t the folder they create when unzipped normally be enough? Well, not exactly. I forgot to mention, but every so often, the zips did not contain a folder. They sometimes only contained the next .zip. This messes with my script, because then *.* no longer works, because there are two files. because of this problem, I made 7zip create a new directory every time. However, because of That, I will have to point my script to change directory twice.

cd */ (Changes directory to any immediate folder.)
cd */ (Changes directory to any immediate folder.)

However, we can’t quite run the script yet. Remember the .txt files, which contain a false flag? we need to get rid of those since if 7zip see two files in one directory, it cannot unzip *.*.

To do this, I simply used the mv command to move them into another directory. Since this has to happen before the 7zip command gets activated, I put it first in the loop.

mv *.txt /home/kali/Documents/txts/ (Moves any file that ends in .txt to a folder I created in my Documents directory)

And with that, its ready to run. Lets add all our files into a testing directory.

My script ^

Plus 4.tar.gz (Remember how I unzipped a few by hand to get an understanding of the contents? I still had it, so I just copied the lowest one down I had.)

lets jump into a terminal.

How you run the bash script ^

Now, you can’t see this in my screenshot, but the command is running extremely fast. I’s no more than a blur when I tried to take this screenshot.

After the command stopped working, and I was getting errors because “No such file or directory exists” on 7zip (meaning that I have unzipped them to the very last zip) I went back to examine my .txts.

There are 1001 items (I went back and added the first few, for aesthetics)

Now, lets find the one that does not contain the message “tjctf{n0t_th3_fl4g}”
Some people created yet another script to do this, but instead of doing that, I just sorted by size.

Hmmm, 829.txt has a different file size than the other 1000? how peculiar.

Oh, yeah. Its because it contains the flag.

Flag: tjctf{p3sky_z1p_f1L35}

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s