Synopsis
We only Have a weird zip file but let's do this !
Step 1: Brute force
The zip file is password protected, first thing to do, let's try to crack the password...
fcrackzip turtles128.zip -D -p /usr/share/wordlists/rockyou.txt -u
PASSWORD FOUND!!!!: pw == 0
Step 2: How it works
Once we know that the password is '0', we can unzip the file, TADA ! What we found is just another zip file 'turtle127.zip', we can easily guess that there are 128 zip files to decode.
Okay, At this time I was a bit lost, but when I discovered that Every zip files passwords were '0' or '1' I understood that I should write down every
passwords
Step 3: Scripting
Here's my script to unzip every files.
import zipfile
import os
GLOB_BEGIN="turtles"
GLOB_END=".zip"
GLOB_NUM = 128
def get_name(i):
return GLOB_BEGIN+str(i)+GLOB_END
def try_mdp(filename):
pswd = '0'
pswd2 = '1'
try:
with zipfile.ZipFile(filename) as file:
file.extractall(pwd = bytes(pswd, 'utf-8'))
return pswd
except :
with zipfile.ZipFile(filename) as file:
file.extractall(pwd = bytes(pswd2, 'utf-8'))
return pswd2
if __name__ == "__main__":
MDP=""
while 1:
print("mdp: " + MDP)
MDP+=try_mdp(get_name(GLOB_NUM))
GLOB_NUM-=1
Et voilĂ , Here is the cypher:
00111101110010010000011011110110100100101000111011101000100000101100110010110001101110001011110111010001010010101010001001001100
Also, The last zip file contains a png picture showing the following key:
ed570e22d458e25734fc08d849961da9
Last Step: Decode AES
I've export the binary code as a raw file, then I've decode it with the key
Here is the flag: flag{steg0_a3s}
fcrackzip turtles128.zip -D -p /usr/share/wordlists/rockyou.txt -u
PASSWORD FOUND!!!!: pw == 0
Step 2: How it works
Once we know that the password is '0', we can unzip the file, TADA ! What we found is just another zip file 'turtle127.zip', we can easily guess that there are 128 zip files to decode.
Okay, At this time I was a bit lost, but when I discovered that Every zip files passwords were '0' or '1' I understood that I should write down every
passwords
Step 3: Scripting
Here's my script to unzip every files.
import zipfile
import os
GLOB_BEGIN="turtles"
GLOB_END=".zip"
GLOB_NUM = 128
def get_name(i):
return GLOB_BEGIN+str(i)+GLOB_END
def try_mdp(filename):
pswd = '0'
pswd2 = '1'
try:
with zipfile.ZipFile(filename) as file:
file.extractall(pwd = bytes(pswd, 'utf-8'))
return pswd
except :
with zipfile.ZipFile(filename) as file:
file.extractall(pwd = bytes(pswd2, 'utf-8'))
return pswd2
if __name__ == "__main__":
MDP=""
while 1:
print("mdp: " + MDP)
MDP+=try_mdp(get_name(GLOB_NUM))
GLOB_NUM-=1
Et voilĂ , Here is the cypher:
00111101110010010000011011110110100100101000111011101000100000101100110010110001101110001011110111010001010010101010001001001100
Also, The last zip file contains a png picture showing the following key:
ed570e22d458e25734fc08d849961da9
Last Step: Decode AES
I've export the binary code as a raw file, then I've decode it with the key
Here is the flag: flag{steg0_a3s}
Step 3: Scripting
Here's my script to unzip every files.
import zipfile
import os
GLOB_BEGIN="turtles"
GLOB_END=".zip"
GLOB_NUM = 128
def get_name(i):
return GLOB_BEGIN+str(i)+GLOB_END
def try_mdp(filename):
pswd = '0'
pswd2 = '1'
try:
with zipfile.ZipFile(filename) as file:
file.extractall(pwd = bytes(pswd, 'utf-8'))
return pswd
except :
with zipfile.ZipFile(filename) as file:
file.extractall(pwd = bytes(pswd2, 'utf-8'))
return pswd2
if __name__ == "__main__":
MDP=""
while 1:
print("mdp: " + MDP)
MDP+=try_mdp(get_name(GLOB_NUM))
GLOB_NUM-=1
Et voilĂ , Here is the cypher:
00111101110010010000011011110110100100101000111011101000100000101100110010110001101110001011110111010001010010101010001001001100
Also, The last zip file contains a png picture showing the following key:
ed570e22d458e25734fc08d849961da9
Last Step: Decode AES
I've export the binary code as a raw file, then I've decode it with the key
Here is the flag: flag{steg0_a3s}
Here's my script to unzip every files.
import zipfile
import os
GLOB_BEGIN="turtles"
GLOB_END=".zip"
GLOB_NUM = 128
def get_name(i):
return GLOB_BEGIN+str(i)+GLOB_END
def try_mdp(filename):
pswd = '0'
pswd2 = '1'
try:
with zipfile.ZipFile(filename) as file:
file.extractall(pwd = bytes(pswd, 'utf-8'))
return pswd
except :
with zipfile.ZipFile(filename) as file:
file.extractall(pwd = bytes(pswd2, 'utf-8'))
return pswd2
if __name__ == "__main__":
MDP=""
while 1:
print("mdp: " + MDP)
MDP+=try_mdp(get_name(GLOB_NUM))
GLOB_NUM-=1
Et voilĂ , Here is the cypher:
00111101110010010000011011110110100100101000111011101000100000101100110010110001101110001011110111010001010010101010001001001100
Also, The last zip file contains a png picture showing the following key:
ed570e22d458e25734fc08d849961da9
Last Step: Decode AES
I've export the binary code as a raw file, then I've decode it with the key
Here is the flag: flag{steg0_a3s}
import zipfile import os GLOB_BEGIN="turtles" GLOB_END=".zip" GLOB_NUM = 128 def get_name(i): return GLOB_BEGIN+str(i)+GLOB_END def try_mdp(filename): pswd = '0' pswd2 = '1' try: with zipfile.ZipFile(filename) as file: file.extractall(pwd = bytes(pswd, 'utf-8')) return pswd except : with zipfile.ZipFile(filename) as file: file.extractall(pwd = bytes(pswd2, 'utf-8')) return pswd2 if __name__ == "__main__": MDP="" while 1: print("mdp: " + MDP) MDP+=try_mdp(get_name(GLOB_NUM)) GLOB_NUM-=1
Et voilĂ , Here is the cypher:
00111101110010010000011011110110100100101000111011101000100000101100110010110001101110001011110111010001010010101010001001001100
Also, The last zip file contains a png picture showing the following key:
ed570e22d458e25734fc08d849961da9
Last Step: Decode AES
I've export the binary code as a raw file, then I've decode it with the key
Here is the flag: flag{steg0_a3s}
Last Step: Decode AES
I've export the binary code as a raw file, then I've decode it with the key
Here is the flag: flag{steg0_a3s}
I've export the binary code as a raw file, then I've decode it with the key
Here is the flag: flag{steg0_a3s}
Here is the flag: flag{steg0_a3s}