Hi!
Is there any other way to solve the challenge except for bruteforcing the last zip?
Hi!
Is there any other way to solve the challenge except for bruteforcing the last zip?
Not that i found. Although i would recommend a dictionary attack instead.
you extracted all zip files ?
The last zip can be extracted using a common wordlist.
But what I fould there didn’t lead me to the flag… What sould I do with this datebase?
I already searched for the flag but I can’t find it.
Okay, that was easier than expected. Got the flag
Very interesting challenge. Wrote an automation script to get to the last zip and then brute forced and found the password in 5 seconds. And then used “browser” to view the data. Enjoy!
Anyone mind PMing me on this? I have been trying to write a bruteforce script for this, but I’m not sure why it’s not working.
UPDATE: Solved.
So I know how this challenge works, but my scripting knowledge is very limited! Time to learn I suppose.
scripting will help to complete this challenge with in minutes.i dont know how much time it will take to manually unzip few hundred zip.
It was a fun challenge learning to script around the problem. Fun challenge.
Php script is a nice tool to solve challenges like this. Only a recursive function with shell exec need it.
Btw: Very clever challenge
I could be wrong… but I think bash is even faster than PHP. I did it in about 5 lines to unpack and cd
I created a python script to extract all, bruteforce and exctract the flag… I’m lazy ahaha
lol, here come the language wars.
p.s. I did mine in expect.
@dispareo said:
I could be wrong… but I think bash is even faster than PHP. I did it in about 5 lines to unpack and cd
I wrote a python script to loop-unpack but (excluding the helper output lines) it is 15 lines of code. Can you (or others who have short script) post (or personal message me) your code. I would like to know the shortest and fastest way to write scripts like this (in any language).
I’m writing a script, but when I use a dictionary with fcrackzip, it has not brought me the password. I do a test, and the result when it finds a password is:
fcrackzip -D -p rockme.txt teste.zip -u -v
found file ‘teste.txt’, (size cp/uc 17/ 5, flags 1, chk e6b4)
I need to know the password, to implement my script. Someone has the same problem? How to solve?
I don’t remember a teste.zip file in this… but you only need to crack the final zip after looping through … whatever else… is in there beforehand. You can “guess” whatever other passwords you need before that.