Eternal Loop -Misc - only bruteforce

HI,

got the db, but cant find the flag inside. Any hint?

@pkneca said:
HI,

got the db, but cant find the flag inside. Any hint?

Can you figure out what kind of db it is?
Are there different ways you can search through or view it?

I am able to see its contents, but cant find flag…

Guys my last file from zip is kinda empty am I missing something the DoNo…

@mohabaks said:
Guys my last file from zip is kinda empty am I missing something the DoNo…

You need to get and bruteforce the last zip file! Take a look to “Kali Startmenu=> Password attacks=> offline”. It took 10 sec. to let me in! I used the biggest wordlist.

Perhabs you need to run your script twice without to delete the empty file before!? My script worked this way.

hth, otherwise PM me!

ok xDDD

O my fucking god xDDDDDDDDDDDDDDDDDDDDDDDDDDDD

@BfB said:
I created a python script to extract all, bruteforce and exctract the flag… I’m lazy ahaha

Me too, but i’ve found problems with the dictionary for the last password… at the end I used default tool with the “big rock”

Hi here!
Can someone explain, what I should do with database (I’m already unpack it).

@NicoF2000 said:
Okay, that was easier than expected. Got the flag :+1:

I have got to the same point you did. looking through the database, nothing obvious. What triggered the easier than expected?

Solved it: who would have known it was there

@artembelskii said:
Hi here!
Can someone explain, what I should do with database (I’m already unpack it).

Just use any ## editors like notepad++ to open the last database file and search ?.

https://www.hackthebox.eu/profile/42599

nice!!, good challenge, i recommend to make a automated tool and for the last zip file brute force it, then so easy like check strings and look for the Flag

Only ~500 iterations loop if you cannot script the unzipping

Anybody else getting a corrupted zip file about 2 iterations in? I unpack Eternal_loop with the standard hackthebox password, and I do the second one the same way. However on the third file I put in hackthebox and extract it but I always get “An error occurred while extracting files.” Am I alone?

@viadoxic said:
Anybody else getting a corrupted zip file about 2 iterations in? I unpack Eternal_loop with the standard hackthebox password, and I do the second one the same way. However on the third file I put in hackthebox and extract it but I always get “An error occurred while extracting files.” Am I alone?

The sub-zip files have numbers as their names! Why do you think is that ? :slight_smile:

1 Like

@NicoF2000 said:
The last zip can be extracted using a common wordlist.
But what I fould there didn’t lead me to the flag… What sould I do with this datebase?
I already searched for the flag but I can’t find it.

The last zip is 6969.zip? i found DoNotTouch file but i can’t extract zip file with fcrack.
Which tool i should use?

@loln00b said:

@stormy said:
guys i cant crack with john !!
"No password hashes left to crack " i cant fix it , any help would be great !

Maybe try an other approach? Forget dictionary attacks etc, look what is in front of your eyes.

how to approach? I found DoNotTouch file but it needs password when i open. Pls hint

For some reason I was able to extract the file with a different password which would corrupt the image… interesting

@fabreeze said:
I extracted all the files, I found the password to the last zip.
I get a corrupted file! It’s just blank.
I tried downloading the challenge again but same issue.
Is this part of the challenge or is something weird going on?

Obviously something went wrong, I solved it yesterday. Make sure you have nesessary software to open the file. This is SQL database, you can use SQLite in Linux, e.g.

You can just strings | grep HTB once you open the file properly.
I ended up solving it, I just thought it was interesting how the file could be opened with a wrong password and yielded a corrupted file