The challenge is designed to be tedious. Upon extracting the first layer, you find another archive, and then another. This is a common CTF trope where the flag is buried 100+ layers deep. Not recommended.
Once the final layer is reached, you are typically left with a text file or an image. 2 Boys 1 Cup.rar
In this specific DUCTF challenge, the "Cup" refers to the final file containing the flag string. Flag Format: DUCTF{...} Key Takeaway The challenge is designed to be tedious
Most solvers use a simple Python or Bash loop to repeatedly unzip/unrar until no more archives remain. Not recommended
import zipfile import os filename = "2_boys_1_cup.rar" while True: try: with zipfile.ZipFile(filename, 'r') as z: z.extractall() # Logic to find the next filename usually goes here # Often the next file has a predictable name like 'next.zip' except: break Use code with caution.
The first step in any forensics challenge is identifying the file type. Despite the .rar extension, tools like file or a hex editor (like HxD) are used to confirm the header. file 2_boys_1_cup.rar