I Will Rock You
Énoncé
Trouvez le flag à l’intérieur du firmware.
Solve
1
2
3
4
5
6
7
8
|
binwalk -e Firmware.zip
DECIMAL HEXADECIMAL DESCRIPTION
--------------------------------------------------------------------------------
WARNING: Extractor.execute failed to run external extractor 'jar xvf '%e'': [Errno 2] No such file or directory: 'jar', 'jar xvf '%e'' might not be installed correctly
16 0x10 Zip archive data, encrypted at least v2.0 to extract, compressed size: 19065659, uncompressed size: 19111936, name: fs.bin
19065831 0x122EBE7 End of Zip archive, footer length: 22
|
We will bruteforce the zip with the wordlist rockyou as the name of the challenge indicates :
1
2
3
4
5
6
7
8
9
10
|
john --wordlist=/usr/share/wordlists/rockyou.txt hash
Using default input encoding: UTF-8
Loaded 1 password hash (PKZIP [32/64])
Will run 8 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
advenger (10.zip/fs.bin)
1g 0:00:00:01 DONE (2022-10-08 00:47) 0.7633g/s 7904Kp/s 7904Kc/s 7904KC/s afermative..adorne2
Use the "--show" option to display all of the cracked passwords reliably
Session completed.
|
We find the password advenger :
1
2
3
4
5
|
unzip 10.zip
Archive: 10.zip
[10.zip] fs.bin password: advenger
inflating: fs.bin
|
A little strings + grep combo to find the flag :
1
2
|
strings fs.bin | grep -i hackvens
aa idxtape3isdn1 udvboxdvokp24Bleya737AddSearchtfido6017fmaiL$5$gG4RmX4EtzdRNh$KsPMqAOqhUB7vodGuJSw5IJ/g19.JBfmYQ.aHqfqAKD:*ncashHACKVENS{w3_w1ll_R0ck_y0u}
|
Flag : HACKVENS{w3_w1ll_R0ck_y0u}
