Eternal Loop -Misc - only bruteforce

@Sanduuz said:
Nevermind, I just realized I have a corrupt fileā€¦

Quality content and family fun - the HTB forums for when youā€™re feeling down and need someone to make you giggle.

Is this file corrupt? I have downloaded the zip and extracted the contents using the default hackthebox password. However, my fcrack and john doesnā€™t want to handle that file.

sh: 1: Syntax error: EOF in backquote substitution
sh: 1: Syntax error: EOF in backquote substitution
sh: 1: Syntax error: Unterminated quoted string
sh: 1: Syntax error: EOF in backquote substitution
sh: 1: Syntax error: EOF in backquote substitution
sh: 1: Syntax error: EOF in backquote substitution

Did I corrupt my system?

@magnus, John and fcrack are useless here. Start with strings or xxd then use that hint and refer to the challenge name.

Really trying to figure out a way to make this extraction scripted. If anyone is willing to give a little nudge into the right direction, it would be much appreciated. I know a bit about scripting, but not too much yet and I think this can help me learn so much more again :slight_smile:

@SnakeMind said:
Really trying to figure out a way to make this extraction scripted.

I baked something in bash, it isnā€™t pretty but got what I wanted :joy:

Anyone want to give me a hint on the last file here? I scripted my way down to what I THINK is the last zip file but when I try to crack it with a common zip file cracker I get a bunch of false positives from a commonly used word list.

Edit: never mind, it turns out that using the right options with a popular zip file cracker really makes a big difference! :wink: Anyone want to suggest to me what to do with the db contained therein?

ā€¦and I got it!

How many zip files in hear?

guys i cant crack with john !!
"No password hashes left to crack " i cant fix it , any help would be great !

@stormy said:
guys i cant crack with john !!
"No password hashes left to crack " i cant fix it , any help would be great !

Try a different tool for cracking the filetype you are working with. A literal google search should get you where you need to go.

If anyone needs a nudge feel free to PM me

@stormy said:
guys i cant crack with john !!
"No password hashes left to crack " i cant fix it , any help would be great !

Maybe try an other approach? Forget dictionary attacks etc, look what is in front of your eyes.

HI,

got the db, but cant find the flag inside. Any hint?

@pkneca said:
HI,

got the db, but cant find the flag inside. Any hint?

Can you figure out what kind of db it is?
Are there different ways you can search through or view it?

I am able to see its contents, but cant find flagā€¦

Guys my last file from zip is kinda empty am I missing something the DoNoā€¦

@mohabaks said:
Guys my last file from zip is kinda empty am I missing something the DoNoā€¦

You need to get and bruteforce the last zip file! Take a look to ā€œKali Startmenu=> Password attacks=> offlineā€. It took 10 sec. to let me in! I used the biggest wordlist.

Perhabs you need to run your script twice without to delete the empty file before!? My script worked this way.

hth, otherwise PM me!

ok xDDD

O my fucking god xDDDDDDDDDDDDDDDDDDDDDDDDDDDD

@BfB said:
I created a python script to extract all, bruteforce and exctract the flagā€¦ Iā€™m lazy ahaha

Me too, but iā€™ve found problems with the dictionary for the last passwordā€¦ at the end I used default tool with the ā€œbig rockā€

Hi here!
Can someone explain, what I should do with database (Iā€™m already unpack it).

@NicoF2000 said:
Okay, that was easier than expected. Got the flag :+1:

I have got to the same point you did. looking through the database, nothing obvious. What triggered the easier than expected?

Solved it: who would have known it was there