Hello Everyone!
I’m Tareq from Knight Squad.
Recently we’ve played a CTF. And this is a writeup for a Forensics challenge named “Secure Zip”.
In this challenge we are provided with some txt and a zip file. While I was trying to unzip the file it asked for a password but I didn’t knew the password. Than I go for the hints.
There were two hints. The first hint was “A quick google search of “Free/Fast Zip password cracker will help find the right command.” After searching “Free/Fast Zip password cracker for Linux” I came up with an result “Fcrackzip”. I simply installed it with “sudo apt install fcrackzip“.
After searching a little bit more about fcrackzip I was able to crack the password of the zip file. I used the following command to crack the zip file password.
Command : fcrackzip -v -u -D -p <wordlist_location> <file>
- -u (–use-unzip); helps with false positives
- -D (–dictionary); selects dictionary mode
- -p (–init-password string); use to select the rockyou.txt file
- -v (–verbose); not required
After that I simply unzipped the file & got two text file. One is flag.txt & the another one is homework.txt. The both file contained the flag.
So that was the flag. Hope you guys enjoyed. It was a quite easy challenge. Don’t forget to share your feedbacks in the comment section below and stay tuned with us for more interesting challenge walkthroughs.
Thank You
tareq@knightsquad