Eternal Loop -Misc - only bruteforce

Yeah I couldn’t get the file to open with sqlite, but the flag was easy enough to find with strings DoNotTouch | grep HTB

Fun challenge, it was fun to write a script again.

I do have some questions though. If anyone’s good at bash scripting, please PM me. Having a little trouble with one part of my script and I’m not sure why.

i dont know how to use script in this challenge, teach me pls :frowning:

Pretty cool challenge. I taught how to write simple scripts ))

How to crack 37366.zip file? I use rockyou.txt and fcrackzip and nothing. How to crack it?

@fabreeze said:
For some reason I was able to extract the file with a different password which would corrupt the image… interesting

This. Is why it’s not wise to just throw rockyou at everything. Well, one of the reasons.

Obviously something went wrong, I solved it yesterday. Make sure you have nesessary software to open the file. This is SQL database, you can use SQLite in Linux, e.g.

A bit late here.Not necessarily true. Notepad++ worked for me. No need for a SQL software.

Also to the guys/gals that used python scripting: I wrote a simple python script in Python 2.7.9 that used ZipFile. The thing is, that it was a bit slow extracting the files. Not slow like after the 300th zip file in, right from the start. Is it normal and how can I optimize my procedure? Anyone that has any info can send me a message.

And a last thing, I also found that rockyou had at least half a dozen false positives before I stopped it. I just used my intuition and picked the most plausible one. Good to know that any other attempt would corrupt my file.

Thanks

How many zip files appear before it reaches the end?

completed this challenge if need any help feel free to ask.

■■■■ done next… :+1:

Grrr…dat last password lol…
I did not solve it in the most elegant way, but if you need a tip let me know

Very good task

crackzip -v -u -D -p /usr/share/wordlists/rockyou.txt 37366.zip
found file ‘5900.zip’, (size cp/uc 460497/460340, flags 1, chk 04db)
sh: 1: Syntax error: EOF in backquote substitution
sh: 1: Syntax error: EOF in backquote substitution
sh: 1: Syntax error: Unterminated quoted string
sh: 1: Syntax error: EOF in backquote substitution
sh: 1: Syntax error: EOF in backquote substitution
sh: 1: Syntax error: EOF in backquote substitution
sh: 1: Syntax error: Unterminated quoted string
Any help!! Would be appericate!! What just happen did!! Cant get through! any clue would be helpful

Type your comment> @Frrag said:

How to crack 37366.zip file? I use rockyou.txt and fcrackzip and nothing. How to crack it?

Did you solve the the first stage !! With 37366.zip file How did you carack anyhint PM me!!!

YEah!! Solve it!! PM me for the help hahahaha… IT was so easy now i wonder i am this is teaser for noob like me!!

There are more than 500 zips.
Tfw no basic shell script just using
internal=“`unzip -Z -1 $nome`”

Hint for the last file: think it as it is just a .txt

Type your comment> @DrV01d said:

I created a python script to extract all, bruteforce and exctract the flag… I’m lazy ahaha

Can you DM me?

Pfff hahaha, what a challenge, it took me hours :expressionless:
Just to figure out i shouldnt start bruteforcing everything :smiley:

This helped me with scripting: fcrackzipinfo.
This returns valuable information, and does not leave your cli hanging waiting for userinput.

I used php for this one, together with bash commands in system()
I dont care, it works :stuck_out_tongue:
If you need help, DM me

ofcourse fcracpzipinfo needs to be fcrackzipinfo

used a simple bash script to make it to 6969 in 5 seconds

ok so final "Do******ch file, after quick cat seems to me to be a db file, onwards and upwards to root