TAMUctf 2021 Unzip Solution

TAMUctf 2021 Unzip - 100 points

Hey, can you unzip this for me? chall.zip

Step 1: Convert the zip file to a file that John can crack.

Note that this is a pretty standard tool…


zip2john ~/Downloads/chall.zip >~/altsci/tamuctf/chall.txt

chall.txt:

chall.zip/flag.txt:$pkzip2$1*2*2*0*30*24*75c0f8c7*0*42*0*30*75c0*b004*e980ad8b1ffd804291d329b24794613bf3484fa6292fd97a57836440dfce9ce753a89d0ad9a8b16b042ecee459ed1274*$/pkzip2$:flag.txt:chall.zip::/home/jvoss/Downloads/chall.zip

Step 2: Crack the password.

john --format=raw-sha256 --rules --wordlist=crack/ai3words_order.txt ~/altsci/tamuctf/chall.txt

John cracks it pretty quickly with a simple wordlist but I chose to use the AI3 wordlist which you can download with my DNSSEC research.

The password is hunter2, a common IRC joke.

unzip chall.zip 
Archive:  chall.zip
[chall.zip] flag.txt password: 
cat flag.txt 
gigem{d0esnt_looK_lik3_5t4rs_t0_M3}

The flag is gigem{d0esnt_looK_lik3_5t4rs_t0_M3}