One minute
cherryNo.7
After Dark CTF Fall22 - Tar Pit
Tar Pit is a scripting challenge that was part of the 2022 After Dark CTF - Fall. We have to get to the bottom of the given tar file and find the flag.
$ file pit.tgz
pit.tgz: gzip compressed data, last modified: Thu Nov 17 02:58:31 \
2022, from Unix, original size modulo 2^32 120320
Solution
Writing a simple bash script to extract the tar file over and over again.
#!/bin/bash
i=0
while true
do
if [ $(ls -1 | wc -l) -gt 2 ]
then
echo "Found more than 2 files"
break
else
tar xvf pit.tgz
i=$(($i+1))
echo $i
md5sum pit.tgz
fi
done
Output:
$ ./untar-pit.sh
pit.tgz
1
bac04f75ea2f733d4b8f166536896a7d pit.tgz
pit.tgz
2
ea67fcc264229f91a8cf7607f36221cf pit.tgz
...
pit.tgz
554
d1ee10e3545cb0d79f3f9e0c44dcba01 pit.tgz
pit.tgz
555
473e58d0d2909e4873ecd2fe21722c0b pit.tgz
found_the_bottom
556
473e58d0d2909e4873ecd2fe21722c0b pit.tgz
Found more than 2 files
$ cat found_the_bottom
flag{wow_that's_pretty_deep}
The biggest challenge was to realize that the extracted tar file had the same name as the original one.
We were stuck for a while trying to extract the tar file, and it looked like nothing was happening. That’s the reason for the md5sum
command in the script.
Flag
The flag is “flag{wow_that’s_pretty_deep}”.