题目地址:https://buuoj.cn/challenges#[BJDCTF%202nd]TARGZ-y1ng
![BUUCTF:[BJDCTF 2nd]TARGZ-y1ng_文件名](/i/li/?n=2&i=images/blog/202306/19154659_649007f35fb4d64190.png?,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_30,g_se,x_10,y_10,shadow_20,type_ZmFuZ3poZW5naGVpdGk=/resize,m_fixed,w_1184 "在这里插入图片描述")
![BUUCTF:[BJDCTF 2nd]TARGZ-y1ng_文件名_02](/i/li/?n=2&i=images/blog/202306/19154659_649007f38f80631487.png?,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_30,g_se,x_10,y_10,shadow_20,type_ZmFuZ3poZW5naGVpdGk=/resize,m_fixed,w_1184 "在这里插入图片描述")
解压密码就是当前文件的文件名,套娃
利用脚本
import zipfile
name = 'hW1ES89jF'
while True:
fz = zipfile.ZipFile(name + '.tar.gz', 'r')
fz.extractall(pwd=bytes(name, 'utf-8'))
name = fz.filelist[0].filename[0:9]
fz.close()300层
![BUUCTF:[BJDCTF 2nd]TARGZ-y1ng_文件名_03](/i/li/?n=2&i=images/blog/202306/19154659_649007f3a449834239.png?,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_30,g_se,x_10,y_10,shadow_20,type_ZmFuZ3poZW5naGVpdGk=/resize,m_fixed,w_1184 "在这里插入图片描述")
flag{wow_you_can_rea11y_dance}