HACKvent 2015: Day 10

Hackvent 20154900

Challenge

get the ZIP, you'll know what's to do!

The following zip file was also provided: HV15-Day10-nasty-Shit.zip

Solution

We notice that the zip file nasty-Shit.zip contains one zip file called 1.zip, that contains one zip file called 2.zip and so on. I also know that the file zile will keep getting lower and lower in file size the more we extract (due to ZIP headers and padding). Furthermore, opening the file in HxD (the hex editor) allows us to see the names of all embedded zip files. We see the number 30546.zip among many others so we know there are a lot of files here!

We write a quick python script to recursively extract each zip file.
Script:

import os.path, sys
from subprocess import call

partNum = 1
partStr = str(partNum) + ".zip"

while os.path.isfile(partStr):
  
  #unzip
  call(["unzip", partStr])
  
  #remove old file
  os.remove(partStr)
  
  # increment part num
  partNum += 1

  # construct file name
  partStr = str(partNum) + ".zip"

Finally we reach the zip file: 31337.zip which is different from all of the other files.
This zip file contains one file called worst.500 and is password protected.

We use the glorious Accent Zip Password Recovery to crack the password in milliseconds.

The password for the zip file is: love

We extract the file, look inside and find the flag!

Flag:

HV15-iQYf-adNg-o4S9-JHc7-vfWu

Leave a comment

(required)(will not be published)(required)

Comments

There are no comments yet. Be the first to add one!