Eternal Loop -Misc - only bruteforce

@SnakeMind said:
Really trying to figure out a way to make this extraction scripted.

I baked something in bash, it isn’t pretty but got what I wanted :joy:

Anyone want to give me a hint on the last file here? I scripted my way down to what I THINK is the last zip file but when I try to crack it with a common zip file cracker I get a bunch of false positives from a commonly used word list.

Edit: never mind, it turns out that using the right options with a popular zip file cracker really makes a big difference! :wink: Anyone want to suggest to me what to do with the db contained therein?

…and I got it!

How many zip files in hear?

guys i cant crack with john !!
"No password hashes left to crack " i cant fix it , any help would be great !

@stormy said:
guys i cant crack with john !!
"No password hashes left to crack " i cant fix it , any help would be great !

Try a different tool for cracking the filetype you are working with. A literal google search should get you where you need to go.

If anyone needs a nudge feel free to PM me

@stormy said:
guys i cant crack with john !!
"No password hashes left to crack " i cant fix it , any help would be great !

Maybe try an other approach? Forget dictionary attacks etc, look what is in front of your eyes.

HI,

got the db, but cant find the flag inside. Any hint?

@pkneca said:
HI,

got the db, but cant find the flag inside. Any hint?

Can you figure out what kind of db it is?
Are there different ways you can search through or view it?

I am able to see its contents, but cant find flag…

Guys my last file from zip is kinda empty am I missing something the DoNo…

@mohabaks said:
Guys my last file from zip is kinda empty am I missing something the DoNo…

You need to get and bruteforce the last zip file! Take a look to “Kali Startmenu=> Password attacks=> offline”. It took 10 sec. to let me in! I used the biggest wordlist.

Perhabs you need to run your script twice without to delete the empty file before!? My script worked this way.

hth, otherwise PM me!

ok xDDD

O my fucking god xDDDDDDDDDDDDDDDDDDDDDDDDDDDD

@BfB said:
I created a python script to extract all, bruteforce and exctract the flag… I’m lazy ahaha

Me too, but i’ve found problems with the dictionary for the last password… at the end I used default tool with the “big rock”

Hi here!
Can someone explain, what I should do with database (I’m already unpack it).

@NicoF2000 said:
Okay, that was easier than expected. Got the flag :+1:

I have got to the same point you did. looking through the database, nothing obvious. What triggered the easier than expected?

Solved it: who would have known it was there

@artembelskii said:
Hi here!
Can someone explain, what I should do with database (I’m already unpack it).

Just use any ## editors like notepad++ to open the last database file and search ?.

https://www.hackthebox.eu/profile/42599

nice!!, good challenge, i recommend to make a automated tool and for the last zip file brute force it, then so easy like check strings and look for the Flag

Only ~500 iterations loop if you cannot script the unzipping

Anybody else getting a corrupted zip file about 2 iterations in? I unpack Eternal_loop with the standard hackthebox password, and I do the second one the same way. However on the third file I put in hackthebox and extract it but I always get “An error occurred while extracting files.” Am I alone?