picoCTF General Skills Guide

here's how to solve Big Zip

Back to the General Skills Guides

Big Zip

Name: Big Zip
Description: Unzip this archive and find the flag. Download zip file
Author: LT 'syreal' Jones
Tags: Easy, General Skills, picoGym Exclusive
Challenge from: picoGym Exclusive
Files: big-zip-files.zip
Hints:
1. Can grep be instructed to look at every file in a directory and its subdirectories?

Theory

According to the description, to get the flag we have to search recursively through a big zip file, so big in fact, that when i took a peak at it, I saw that it has like 9,000 items in it. So yeah, the description doesn't point to nothing, so looking at the single hint, yeah, apparently you can use grep to recursively go through every file in every folder, looking through its content looking for the query you put in it, that's great, exactly what we need for this challenge. So the command just includes the usual query for the flag and where you want to look for that query, but an -R or --recursive option at the beginning for recursive search, just like this:

grep -R "picoCTF{" big-zip-folder-name/*

Solution

First, let's just get the zip, open it, and place ourselves inside:

shukularuni-picoctf@webshell:~$ wget https://artifacts.picoctf.net/c/505/big-zip-files.zip
--2025-04-13 01:50:48--  https://artifacts.picoctf.net/c/505/big-zip-files.zip
Resolving artifacts.picoctf.net (artifacts.picoctf.net)... 3.160.22.16, 3.160.22.128, 3.160.22.43, ...
Connecting to artifacts.picoctf.net (artifacts.picoctf.net)|3.160.22.16|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 3182988 (3.0M) [application/octet-stream]
Saving to: 'big-zip-files.zip'

big-zip-files.zip   100%[==================>]   3.04M  1.82MB/s    in 1.7s    

2025-04-13 01:50:50 (1.82 MB/s) - 'big-zip-files.zip' saved [3182988/3182988]

shukularuni-picoctf@webshell:~$ unzip big-zip-files.zip
...

shukularuni-picoctf@webshell:~$ cd big-zip-files

Now let's just run the command from theory, and it should take a few many seconds, mainly because of the severe amount of files in here:

shukularuni-picoctf@webshell:~/big-zip-files$ grep -R "picoCTF{" *
folder_pmbymkjcya/folder_cawigcwvgv/folder_ltdayfmktr/folder_fnpfclfyee/whzxrpivpqld.txt:information on the record will last a billion years. Genes and brains and books encode picoCTF{gr3p_15_m4g1c_ef8790dc}

There we go! That's the flag.

I rated this level as "good"! :3

https://play.picoctf.org/practice/challenge/322

Explore My Website