TJCTF2020 - Zipped Up

Posted on mar. 02 juin 2020 in CTF

solves : 255

Points:  70

Written by agcdragon

My friend changed the password of his Minecraft account that I was using so that I would stop being so addicted. Now he wants me to work for the password and sent me this zip file. I tried unzipping the folder, but it just led to another zipped file. Can you find me the password so I can play Minecraft again?

Zip file

We have a zip archive that contains another archive inside with a text file:

╰─ tar -jtvf 1.tar.bz2
drwxr-xr-x andy/andy         0 2020-03-09 02:58 1/
-rw-r--r-- andy/andy   1022589 2020-03-09 02:58 1/2.tar.bz2
-rw-r--r-- andy/andy        20 2020-03-09 02:57 1/1.txt
╰─ cat 1.txt 
tjctf{n0t_th3_fl4g}

So, we need to extract all archive and check if the text file contains the flag. I made a bash python script to extract the archive:

import subprocess

for x in range(1, 1000):
        subprocess.run(["7z", "e", str(x) + ".tar.bz2"])
        subprocess.run(["7z", "e", str(x) + ".kz3"])
        subprocess.run(["7z", "e", str(x) + ".tar.gz"])
        subprocess.run(["7z", "e", str(x) + ".tar"])
        pass

We have the first 1000 archives. Let's check if we got the flag:

╰─ rg -v 'n0t_th3' *.txt
829.txt
1:tjctf{p3sky_z1p_f1L35}

Great! It was inside the 829th archive.

hack learn ctf tjctf 2020 miscellaneous misc python script zip