Known : Florent devait me donner le flag pour ce challenge, il s'est trompé en zippant le fichier. Du coup, impossible de le récupérer car il est chiffré. Est-ce si impossible à le récupérer ?
First, let’s take a look at the file :
In this zip we have two other zip, encypted.zip and known.zip. So let’s unzip the first one.
We analyze the encrypted.zip :
It contains one folder with Bandeau_hacksecureims2019.png and a text file flag.txt which might be the one we are looking for !
Analyze the second zip known.zip :
It just contains Bandeau_hacksecureims2019.png. To unzip encrypted.zip we need a password, but if we unzip the second known.zip we get the image Bandeau_hacksecureims2019.png.
At this moment, we have everything we need to break the encrypted.zip. I used pkcrack to break the PkZip-encryption(Link).
Run this command to break the encrypted.zip :
pkcrack -C encrypted.zip -c "banner/Bandeau_hacksecureims2019.png" -P known.zip -p "Bandeau_hacksecureims2019.png" -d flag.zip
Result :
We now have a new zip flag.zip, unzip it and you get the flag :
Flag:
URCACTF{Pl4intext_4tt4cks_4re_c00l!}
