Rabbit — DownUnderCTF 2021

2 min readSep 26, 2021


CTF EVENT : DownUnderCTF 2021





Can you find Babushka’s missing vodka? It’s buried pretty deep, like 1000 steps, deep.

Download: flag.txt

Author: Crem + z3kxTa

The idea here is quite simple, when you check the file type of the flag.txt you will realize that every time that you extract the flag.txt, the file extracted will be always a compressed file such as XZ, bzip2, gzip, or Zip.

The main goal is to extract everything, right? However, the tricky part is that the file type changes every time when you decompressed it. Moreover, the name of the file changes as well. So, we will need to create a bash script to automate the process of identifying the type of file, decompress it with the right tool and change the name of the file to flag.txt.

Here is my script (you can find this script on my github page here):

If you run this bash script you will find the flag:

Flag : DUCTF{babushkas_v0dka_was_h3r3}


I am quite proud of solving this challenge. Thanks to this challenge I learned a bit more about bash scripting. Definitely, I will use more bash scripting in the future. 😊

I hope that my writeup helped you to understand better all the aspects of this CTF. If you want to read more writeups like this one or have any questions, you can find me on Twitter @dropn0w.

Stay safe and keep learning!