Home / Individual Game / Password Cracking / Password CH3
⬅ Back Next ➡

Password Cracking Challenge 3 - Upload

Prompt

An intern at Friendly and Associates attempted to upload a personal archive through a company tool that demands the user set a password that follows company guidelines. The transfer failed midstream, and IT managed to recover a copy of the encoded upload. Policy requires determining what data they tried to upload, can you find it? Hint: We know Friendly and Associates’ password policy: The password must contain at least: 8 characters, one lowercase letter, one uppercase letter, one digit, and one symbol. Not much seems to have changed since before the 2010s.

Answers

Q1 (15 pts) - What is the password to the zip archive?
123qwe!@#QWE

Q2 (15 pts) - What is the password to the encrypted file inside the zip archive?
N/A

Q3 (15 pts) - What is the flag?
First thing I did was open the txt file. Reminded me of the Crypto Mirror challenge

Steps I Took

I started by using CyberChef to decode the Base64 data.

Screenshot

I tried using XOR next, but I could not get a valid output.

I also tried running hashcat hash to see whether it would identify a hash type, mostly to confirm I was not missing something obvious. It did not help.

Screenshot

I decoded the Base64 into a ZIP file from the command line.

Screenshot

I viewed the contents of the ZIP and found a few images along with a 7z archive.

Screenshot

I tried to unzip it, but it required a password. I found the following ZIP password cracking tool: https://www.kali.org/tools/fcrackzip/

It took a few attempts to get the command syntax right.

Screenshot

That cracked the ZIP password.

When I tried to open flag.7z, it also required a password, so I had to crack that next. I then found a 7z password cracking method here:

Screenshot

$7z$2$19$0$$16$513b420626ae97e564787c0d3e1c4392$1126693029$32$17$8043e33e0a6e61dc2226f530e0acf8afe378b0a1891fa099226a322bb62aeb14$13$00

I used hashcat for that stage.

Screenshot

I first tried a hybrid attack that matched the password requirements, but the estimate was around 23 years, so I had to rethink the approach.

Screenshot

Ran it against seclist walk the line wordlist had it run in the background while I did other challenges It did not crack it

Screenshot