8

I'm taking part in a capture-the-flag exercise; the level of difficulty is competent, but non-expert. I'm not a security practitioner, but I do have a development background and a reasonable knowledge of standard tools and techniques.

One task involves a number of steps to recover an encrypted zip file, which I have done. The zip then contains a single file, flag.txt - the target. The final step is to break the encryption.

The zip file is small, 190 bytes in total, and analysis of the zip file header with a hex editor shows it was created with the v2.0 PKzip format (which I understand is relatively insecure). The target file itself is 28 bytes long.

I've run a dictionary attack with the rockyou wordlist, and a brute-force attack of the full lowercase/uppercase/numeric/special character set up to five characters, without any luck (both with fcrackzip on Kali Linux). The challenge is not at a level where we should be using specialist kit (e.g. GPU-based cracking), so if brute-force was the answer then I'd expect a very simple password.

So I must be missing a trick. Can anybody suggest what it could be? I'm aware that the PKZip v2 format has a known-plaintext attack, but I believe this is most commonly used in the case that the zip contains one or more commonly-available files (e.g. a widely-available jpg or jar file) that can be found elsewhere to provide the plaintext, and I don't have that here. Are there other attacks that I haven't found? Or is known-plaintext the only remaining answer, and I need to try and figure out what could be in the file? As I understand it, it is just about large enough for known-plaintext to be applied?

Thank you for any thoughts

strmqm
    By the way, if I create test encrypted zip files with a four-character random password or with a dictionary word from the wordlist then I can decrypt both with fcrackzip, so I'm confident that I'm using the tools correctly – strmqm Oct 14 '17 at 11:21
  • 3
    It's very rare on a CTF to need to crack a zip by brute force. Are you sure you are not missing the "right" way to do it? Which CTF is it? – OscarAkaElvis Oct 14 '17 at 17:16
  • 1
    https://crypto.stackexchange.com/questions/19716/zip-2-0-encryption-bruteforce-attack Have a look at this Q&A at the Crypto Stackexchange. – vidarlo Oct 15 '17 at 09:17
  • 1
    Just to wrap this up, I was indeed missing the "right" way to do it - the zip password was hidden in some traffic earlier in the pcap I grabbed the zip from. Bit obscure, but I guess I learned a lot about cracking zip files, even if I didn't need to – strmqm Nov 12 '17 at 12:17

1 Answer

5

A few suggestions:

  • Try building a dictionary based on all strings you can find on the system.
  • Check that the ZIP file really is encrypted, and not just using a dummy header.
  • Make sure the header is not corrupt, or a cracking tool may fail even if it has the right key.
  • It's possible that the key is hidden somewhere, and you have to find it to get that flag.
  • Depending on the level of access you have, the key might be in memory.

Without more information about the specific task, there's really not much anyone can do to help.

guest
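To go with the answer's second and third points (is the archive really flagged as encrypted, and are its headers intact), here is an added example; it is not part of the answer above and not code from fcrackzip or any other tool named on this page. It parses the ZIP end-of-central-directory record and central directory, then cross-checks every local file header against its central entry, reporting the encryption flag bit, the "version needed" field (20 means PKZIP 2.0, the value the question's hex-editor inspection found), the compression method, and any disagreement between the two headers that would make a cracking tool fail even with the right key. The `build_zip` helper and the `flag{...}` payload are constructed fixtures: the "encrypted" sample only sets the flag bit and reserves the 12-byte encryption-header slot that the PKWARE traditional-encryption layout requires; its payload stays in the clear, so the example checks structure only.

```python
import struct
import zlib
from typing import Any, Dict

# Signatures from the PKWARE APPNOTE ZIP layout.
LOCAL_SIG = 0x04034B50    # local file header
CENTRAL_SIG = 0x02014B50  # central directory entry
EOCD_SIG = 0x06054B50     # end of central directory record

FLAG_ENCRYPTED = 0x0001          # bit 0: traditional PKWARE ("ZipCrypto") encryption
FLAG_DATA_DESCRIPTOR = 0x0008    # bit 3: CRC/sizes follow the data; local header holds zeros
FLAG_STRONG_ENCRYPTION = 0x0040  # bit 6: strong encryption (not ZipCrypto)


def build_zip(name: bytes, data: bytes, encrypted: bool) -> bytes:
    """Build a minimal one-entry ZIP (method 0, stored) as a constructed test fixture.

    With encrypted=True the encryption flag is set in both headers and a 12-byte
    placeholder stands in for the traditional encryption header that precedes the
    data, so the size fields match the real layout. The payload is NOT encrypted;
    this fixture exists only to exercise the header parser.
    """
    flags = FLAG_ENCRYPTED if encrypted else 0
    crc = zlib.crc32(data) & 0xFFFFFFFF
    body = (b"\x00" * 12 + data) if encrypted else data
    local = struct.pack("<IHHHHHIIIHH", LOCAL_SIG, 20, flags, 0, 0, 0,
                        crc, len(body), len(data), len(name), 0) + name
    central = struct.pack("<IHHHHHHIIIHHHHHII", CENTRAL_SIG, 20, 20, flags, 0, 0, 0,
                          crc, len(body), len(data), len(name), 0, 0, 0, 0, 0, 0) + name
    cd_offset = len(local) + len(body)
    eocd = struct.pack("<IHHHHIIH", EOCD_SIG, 0, 0, 1, 1, len(central), cd_offset, 0)
    return local + body + central + eocd


def inspect_zip(blob: bytes) -> Dict[str, Any]:
    """Walk the central directory and cross-check each local header.

    Returns {"entries": [...], "issues": [...]}: per-entry encryption/method facts
    plus a list of structural inconsistencies a cracking tool would trip over.
    """
    report: Dict[str, Any] = {"entries": [], "issues": []}
    issues = report["issues"]

    eocd_at = blob.rfind(struct.pack("<I", EOCD_SIG))
    if eocd_at < 0 or len(blob) - eocd_at < 22:
        issues.append("no complete end-of-central-directory record")
        return report
    _, _, _, _, n_entries, cd_size, cd_offset, _ = struct.unpack_from("<IHHHHIIH", blob, eocd_at)
    if cd_offset + cd_size > eocd_at:
        issues.append("central directory runs past the EOCD record (truncated or corrupt)")
        return report

    pos = cd_offset
    for idx in range(n_entries):
        if pos + 46 > len(blob) or struct.unpack_from("<I", blob, pos)[0] != CENTRAL_SIG:
            issues.append(f"central entry {idx}: bad signature at offset {pos}")
            break
        (_, _, needed, flags, method, _, _, crc, csize, usize, fnlen, extralen,
         commentlen, _, _, _, local_off) = struct.unpack_from("<IHHHHHHIIIHHHHHII", blob, pos)
        name = blob[pos + 46:pos + 46 + fnlen].decode("utf-8", "replace")
        pos += 46 + fnlen + extralen + commentlen

        entry = {
            "name": name,
            "version_needed": f"{needed // 10}.{needed % 10}",  # 20 -> "2.0"
            "method": method,  # 0 = stored, 8 = deflate
            "encrypted": bool(flags & FLAG_ENCRYPTED),
            "strong_encryption": bool(flags & FLAG_STRONG_ENCRYPTION),
            "compressed_size": csize,
            "uncompressed_size": usize,
            "crc32": f"{crc:08x}",
        }

        # Cross-check the local header that the central entry points at.
        if local_off + 30 > len(blob) or struct.unpack_from("<I", blob, local_off)[0] != LOCAL_SIG:
            issues.append(f"{name}: local header missing or bad signature at offset {local_off}")
        else:
            (_, _, lflags, lmethod, _, _, lcrc, lcsize, lusize,
             lfnlen, _) = struct.unpack_from("<IHHHHHIIIHH", blob, local_off)
            lname = blob[local_off + 30:local_off + 30 + lfnlen].decode("utf-8", "replace")
            if lname != name:
                issues.append(f"{name}: local header names the entry {lname!r}")
            if (lflags ^ flags) & FLAG_ENCRYPTED:
                issues.append(f"{name}: encryption flag disagrees between local and central header")
            if lmethod != method:
                issues.append(f"{name}: compression method disagrees between headers")
            # With a data descriptor the local header legitimately holds zeros here.
            if not (lflags & FLAG_DATA_DESCRIPTOR) and (lcrc, lcsize, lusize) != (crc, csize, usize):
                issues.append(f"{name}: CRC/size fields disagree between headers")
        if entry["encrypted"] and csize < 12:
            issues.append(f"{name}: flagged encrypted but too small for the 12-byte encryption header")
        report["entries"].append(entry)
    return report


if __name__ == "__main__":
    sample = b"flag{constructed-sample-value}\n"  # constructed payload, not a real flag
    for label, archive in (("plain", build_zip(b"flag.txt", sample, False)),
                           ("encrypted", build_zip(b"flag.txt", sample, True))):
        print(label, inspect_zip(archive))
```

Against a real archive, call `inspect_zip(open(path, "rb").read())`. An entry reporting `encrypted: False` means there is no password to recover, which is exactly the "dummy header" case the answer raises; anything in `issues` is a header inconsistency to repair (or at least understand) before spending more time on cracking tools.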