top of page

CTF#06 Solution

Rabbit hole

Number of files: 1

Flag pattern: flag#**********

Flag: flag#msfs3n5nd

Solvable on which OS: Windows

This solution’s OS: Windows 11

Software: (WinZip / WinRar), Text Editor, Photo viewer

Estimated solution time: 6 minutes

Internet access required: For software installation only

Details

Goal

The user needs to unzip the file and open nested folders one by one until the last folder in the “rabbit hole” is reached. There the user will find a file with no extension. The user should understand that this file is a .png file – e.g. by seeing that the first characters in its content are PNG (when opened in a text editor). Adding .png as an extension to the file name and opening the file in a photo viewer will reveal the flag.

Implementation

We received the file rabbitHole.rar:

Let’s extract its content – a folder named rabbitHole – into the same folder:

Inside the folder rabbitHole is a “rabbit’s hole”: 30 nested folders, the innermost of which containing a file called “flag”. It’s a file with no extension.

We notice that we don’t know of what type this file is. Of course we can try to attach to it extensions at random according to known file types (.exe, .pdf, .mp3, .xlsx, and so on) and try to open the file, until one of them works.

But before that we can also try a more direct approach: see if there’s any clue inside the file’s textual content. To view that, we’ll open the file in a text editor (e.g. Notepad):

Here we can see that PNG, a common photo format (short for Portable Network Graphic), appears in the first row:

So, let’s rename file and add the extension .png:

Now we double-click on the file to open it with a photo viewer, and we see:

Our flag is:

flag#msfs3n5nd

And that’s our answer.

bottom of page