Misc - 008

备注

created by || bit

⏲️ Release Date // 2022-03-04

💀 Solvers // 228

🧩 Type // misc

Flag inside the zip file.

直接将 zip 文件进行密码爆破，首先提取zip文件的哈希

┌─[randark@parrot]─[~]
└──╼ $zip2john 008.zip 
Created directory: /home/randark/.john
008.zip/flag.txt:$zip2$*0*3*0*751e06905814ebe63a63c72e8755d887*d807*e*25e3c7613e997071cd21a2163883*ba4cf18e59493b2515da*$/zip2$:flag.txt:008.zip:008.zip

可以确定哈希类型为

Hash-Mode	Hash-Name
13600	WinZip

使用 hashcat 进行爆破

PS D:\_Tool\hashcat-6.2.6> .\hashcat.exe -d 2 -O -a 0 -m 13600 .\hash.txt .\dics\rockyou.txt
hashcat (v6.2.6) starting

Dictionary cache hit:
* Filename..: .\dics\rockyou.txt
* Passwords.: 14344385
* Bytes.....: 139921507
* Keyspace..: 14344385

$zip2$*0*3*0*751e06905814ebe63a63c72e8755d887*d807*e*25e3c7613e997071cd21a2163883*ba4cf18e59493b2515da*$/zip2$:survivor

Session..........: hashcat
Status...........: Cracked
Hash.Mode........: 13600 (WinZip)
Hash.Target......: $zip2$*0*3*0*751e06905814ebe63a63c72e8755d887*d807*.../zip2$
Time.Started.....: Fri Feb 02 22:25:10 2024 (0 secs)
Time.Estimated...: Fri Feb 02 22:25:10 2024 (0 secs)
Kernel.Feature...: Pure Kernel
Guess.Base.......: File (.\dics\rockyou.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#2.........:  1274.4 kH/s (10.96ms) @ Accel:4 Loops:999 Thr:256 Vec:1
Recovered........: 1/1 (100.00%) Digests (total), 1/1 (100.00%) Digests (new)
Progress.........: 16384/14344385 (0.11%)
Rejected.........: 0/16384 (0.00%)
Restore.Point....: 0/14344385 (0.00%)
Restore.Sub.#2...: Salt:0 Amplifier:0-1 Iteration:0-999
Candidate.Engine.: Device Generator
Candidates.#2....: 123456 -> cocoliso
Hardware.Mon.#2..: Temp: 46c Util: 83% Core:1987MHz Mem:6000MHz Bus:8

flag

HMV{cromiphi}

Misc - 008

flag​

flag