Taking LS
2 minutes to read
We are given a ZIP file that contains these files and directories:
$ unzip -l The\ Flag.zip
Archive: The Flag.zip
Length Date Time Name
--------- ---------- ----- ----
0 10-30-2016 14:45 The Flag/
6148 10-30-2016 14:45 The Flag/.DS_Store
0 10-30-2016 14:46 __MACOSX/
0 10-30-2016 14:46 __MACOSX/The Flag/
120 10-30-2016 14:45 __MACOSX/The Flag/._.DS_Store
0 10-30-2016 14:40 The Flag/.ThePassword/
42 10-30-2016 14:41 The Flag/.ThePassword/ThePassword.txt
16647 10-30-2016 14:45 The Flag/The Flag.pdf
177 10-30-2016 14:45 __MACOSX/The Flag/._The Flag.pdf
--------- -------
23134 9 files
Now we can extract the files:
$ unzip The\ Flag.zip
Archive: The Flag.zip
creating: The Flag/
inflating: The Flag/.DS_Store
creating: __MACOSX/
creating: __MACOSX/The Flag/
inflating: __MACOSX/The Flag/._.DS_Store
creating: The Flag/.ThePassword/
inflating: The Flag/.ThePassword/ThePassword.txt
inflating: The Flag/The Flag.pdf
inflating: __MACOSX/The Flag/._The Flag.pdf
Let’s list the generated directory:
$ ls The\ Flag
The Flag.pdf
We only see a PDF file, which is encrypted with password. However, the ZIP file contains more files, as listed above. We can use ls -a to list all items (including hidden ones):
$ ls -a The\ Flag
. .. .DS_Store .ThePassword The Flag.pdf
There is a hidden directory called .ThePassword. Inside we find a file that contains the password for the PDF file:
$ ls The\ Flag/.ThePassword
ThePassword.txt
$ cat The\ Flag/.ThePassword/ThePassword.txt
Nice Job! The Password is "Im The Flag".
Using this password, we can open the PDF file and read the flag: CTFlearn{T3Rm1n4l_is_C00l}.