Root-me.org

File - PKZIP

A protected ZIP file, you have to find what’s inside.

This time we got a zip file and we have to find what’s inside.

Since we don’t have any clues, so we’ll brute force it. We’ll be using fcrackzip to bruteforce it and the password list from seclist.

Seclist: https://github.com/danielmiessler/SecLists

Software: https://github.com/hyc/fcrackzip

fcrackzip -v -D -p 10_million_password_list_top_1000000.txt -u ch5.zip 

found file 'readme.txt', (size cp/uc     99/   111, flags 9, chk 005c)
PASSWORD FOUND!!!!: pw == 14535

We got a password, let’s try it.

unzip ch5.zip
Archive:  ch5.zip
[ch5.zip] readme.txt password: 
  inflating: readme.txt
  
cat readme.txt

Use ZIP password to validate this challenge.
Utiliser le mot de passe de l'archive pour valider le challenge.