The first step in any forensic challenge is to identify what you are dealing with using command-line tools:
Use unrar l CTESP.rar to list the files inside without extracting. Look for: flag.txt Hidden directories (starting with . ) CTESP.rar
If the RAR file is password-protected, the write-up usually follows these paths: The first step in any forensic challenge is
Check the archive icon or file name for clues. In "CTESP" (Portugal-based) challenges, the password is often related to the school, the year, or a term found in the challenge description. 5. Extraction and Flag Discovery Once the password is found or bypassed: Extract: unrar x CTESP.rar . Use binwalk CTESP
Use binwalk CTESP.rar to see if there are other files embedded or hidden within the archive structure. 3. Archive Examination Open the archive (or attempt to) to see its structure: