Rootme PKZIP
Root-me.org
File - PKZIP
A protected ZIP file, you have to find what’s inside.
This time we got a zip file and we have to find what’s inside.
Since we don’t have any clues, so we’ll brute force it. We’ll be using fcrackzip to bruteforce it and the password list from seclist.
Seclist: https://github.com/danielmiessler/SecLists
Software: https://github.com/hyc/fcrackzip
fcrackzip -v -D -p 10_million_password_list_top_1000000.txt -u ch5.zip
found file 'readme.txt', (size cp/uc 99/ 111, flags 9, chk 005c)
PASSWORD FOUND!!!!: pw == 14535
We got a password, let’s try it.
unzip ch5.zip
Archive: ch5.zip
[ch5.zip] readme.txt password:
inflating: readme.txt
cat readme.txt
Use ZIP password to validate this challenge.
Utiliser le mot de passe de l'archive pour valider le challenge.