CTF#06 Solution
Rabbit hole
Number of files: 1
Flag pattern: flag#**********
Flag: flag#msfs3n5nd
Solvable on which OS: Windows
This solution’s OS: Windows 11
Software: (WinZip / WinRar), Text Editor, Photo viewer
Estimated solution time: 6 minutes
Internet access required: For software installation only
Details
Goal
The user needs to unzip the file and open nested folders one by one until the last folder in the “rabbit hole” is reached. There the user will find a file with no extension. The user should understand that this file is a .png file – e.g. by seeing that the first characters in its content are PNG (when opened in a text editor). Adding .png as an extension to the file name and opening the file in a photo viewer will reveal the flag.
Implementation
We received the file rabbitHole.rar:
Let’s extract its content – a folder named rabbitHole – into the same folder:
Inside the folder rabbitHole is a “rabbit’s hole”: 30 nested folders, the innermost of which containing a file called “flag”. It’s a file with no extension.
We notice that we don’t know of what type this file is. Of course we can try to attach to it extensions at random according to known file types (.exe, .pdf, .mp3, .xlsx, and so on) and try to open the file, until one of them works.
But before that we can also try a more direct approach: see if there’s any clue inside the file’s textual content. To view that, we’ll open the file in a text editor (e.g. Notepad):
Here we can see that PNG, a common photo format (short for Portable Network Graphic), appears in the first row:
So, let’s rename file and add the extension .png:
Now we double-click on the file to open it with a photo viewer, and we see:
Our flag is:
flag#msfs3n5nd
And that’s our answer.