Tar Pit is a scripting challenge that was part of the 2022 After Dark CTF - Fall. We have to get to the bottom of the given tar file and find the flag.

$ file pit.tgz
pit.tgz: gzip compressed data, last modified: Thu Nov 17 02:58:31 \
    2022, from Unix, original size modulo 2^32 120320

Solution

Writing a simple bash script to extract the tar file over and over again.

#!/bin/bash
i=0
while true
do
    if [ $(ls -1 | wc -l) -gt 2 ]
    then
        echo "Found more than 2 files"
        break
    else
        tar xvf pit.tgz
        i=$(($i+1))
        echo $i
        md5sum pit.tgz
    fi
done

Output:

$ ./untar-pit.sh
pit.tgz
1
bac04f75ea2f733d4b8f166536896a7d  pit.tgz
pit.tgz
2
ea67fcc264229f91a8cf7607f36221cf  pit.tgz
...
pit.tgz
554
d1ee10e3545cb0d79f3f9e0c44dcba01  pit.tgz
pit.tgz
555
473e58d0d2909e4873ecd2fe21722c0b  pit.tgz
found_the_bottom
556
473e58d0d2909e4873ecd2fe21722c0b  pit.tgz
Found more than 2 files
$ cat found_the_bottom
flag{wow_that's_pretty_deep}

The biggest challenge was to realize that the extracted tar file had the same name as the original one.

We were stuck for a while trying to extract the tar file, and it looked like nothing was happening. That’s the reason for the md5sum command in the script.

Flag

The flag is “flag{wow_that’s_pretty_deep}”.