Eternal Loop -Misc - only bruteforce

Hi!

Is there any other way to solve the challenge except for bruteforcing the last zip?

dodo

«13

Comments

  • Not that i found. Although i would recommend a dictionary attack instead.

    Waffles
    | OSCP | OSWP | PenTest+ |

  • you extracted all zip files ?

  • @jackshd said:
    you extracted all zip files ?

    Yes but not by hand...

    dodo

  • The last zip can be extracted using a common wordlist.
    But what I fould there didn't lead me to the flag... What sould I do with this datebase?
    I already searched for the flag but I can't find it.

    Hack The Box

  • Okay, that was easier than expected. Got the flag :+1:

    Hack The Box

  • Very interesting challenge. Wrote an automation script to get to the last zip and then brute forced and found the password in 5 seconds. And then used "browser" to view the data. Enjoy!

    3zCulprit

  • Anyone mind PMing me on this? I have been trying to write a bruteforce script for this, but I'm not sure why it's not working.

    Sh311c0d324

  • UPDATE: Solved. :)

    Sh311c0d324

  • So I know how this challenge works, but my scripting knowledge is very limited! Time to learn I suppose.

  • scripting will help to complete this challenge with in minutes.i dont know how much time it will take to manually unzip few hundred zip.

  • It was a fun challenge learning to script around the problem. Fun challenge.

  • Php script is a nice tool to solve challenges like this. Only a recursive function with shell exec need it.
    Btw: Very clever challenge ;)

  • I could be wrong... but I think bash is even faster than PHP. I did it in about 5 lines to unpack and cd

    +1 respect if I've helped
    Honeybadgurrr

  • I created a python script to extract all, bruteforce and exctract the flag.. I'm lazy ahaha

  • @thek

    *anything else "is a nice tool to solve challenges like this." xD /jk
  • lol, here come the language wars. :O

    p.s. I did mine in expect.

  • @dispareo said:
    I could be wrong... but I think bash is even faster than PHP. I did it in about 5 lines to unpack and cd

    I wrote a python script to loop-unpack but (excluding the helper output lines) it is 15 lines of code. Can you (or others who have short script) post (or personal message me) your code. I would like to know the shortest and fastest way to write scripts like this (in any language).

  • edited June 2018

    I'm writing a script, but when I use a dictionary with fcrackzip, it has not brought me the password. I do a test, and the result when it finds a password is:

    fcrackzip -D -p rockme.txt teste.zip -u -v
    found file 'teste.txt', (size cp/uc 17/ 5, flags 1, chk e6b4)

    I need to know the password, to implement my script. Someone has the same problem? How to solve?

    andremilke

  • edited June 2018

    I don't remember a teste.zip file in this... but you only need to crack the final zip after looping through .... whatever else..... is in there beforehand. You can "guess" whatever other passwords you need before that.

    +1 respect if I've helped
    Honeybadgurrr

  • teste.zip is a file of mine, for test.

    andremilke

  • @andremilke said:
    I'm writing a script, but when I use a dictionary with fcrackzip, it has not brought me the password. I do a test, and the result when it finds a password is:

    fcrackzip -D -p rockme.txt teste.zip -u -v
    found file 'teste.txt', (size cp/uc 17/ 5, flags 1, chk e6b4)

    I need to know the password, to implement my script. Someone has the same problem? How to solve?

    thx for hint=)

    R1d0

  • @dispareo said:
    I don't remember a teste.zip file in this... but you only need to crack the final zip after looping through .... whatever else..... is in there beforehand. You can "guess" whatever other passwords you need before that.

    "Guess" as in brute force? I'm having trouble getting past the first password protected zip :/

    drtychai

  • @drtychai said:

    @dispareo said:
    I don't remember a teste.zip file in this... but you only need to crack the final zip after looping through .... whatever else..... is in there beforehand. You can "guess" whatever other passwords you need before that.

    "Guess" as in brute force? I'm having trouble getting past the first password protected zip :/

    Do you mean the very first password protected script, the one you download from hackthebox? You are supposed to open it without guessing. Reread the challenge description

  • @nns2009

    I believe he meant the one after that.

  • edited June 2018

    @nns2009 said:

    @drtychai said:

    @dispareo said:
    I don't remember a teste.zip file in this... but you only need to crack the final zip after looping through .... whatever else..... is in there beforehand. You can "guess" whatever other passwords you need before that.

    "Guess" as in brute force? I'm having trouble getting past the first password protected zip :/

    Do you mean the very first password protected script, the one you download from hackthebox? You are supposed to open it without guessing. Reread the challenge description

    I mean the first one, after you unzip the downloaded chall

    drtychai

  • @d4rk3r said:
    @nns2009

    I believe he meant the one after that.

    I wanted to believe this too..

    Hack The Box

  • I'm probably overthinking, but what am I supposed to do with the last file? Any help?

  • @Sanduuz said:
    I'm probably overthinking, but what am I supposed to do with the last file?

    Nothing special

  • @nns2009 said:

    @Sanduuz said:
    I'm probably overthinking, but what am I supposed to do with the last file?

    Nothing special

    What you mean nothing special? It's probably that the clock is 2am and my brains don't work. Please help.

  • Nevermind, I just realized I have a corrupt file....

Sign In to comment.