search

Panda

hashtag
Description

I wanted to convey a message to my friend, but so that no one would guess. I archived it, but forgot the password...

Panda.ziparrow-up-right

hashtag
Solution

Since there's a password on zip first lets get password.

└─$ zip2john Panda.zip > Panda.hash

└─$ john --wordlist=$rockyou Panda.hash
Warning: detected hash type "ZIP", but the string is also recognized as "ZIP-opencl"
Use the "--format=ZIP-opencl" option to force loading these as that type instead
Using default input encoding: UTF-8
Loaded 1 password hash (ZIP, WinZip [PBKDF2-SHA1 128/128 AVX 4x])
Will run 2 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
2611             (Panda.zip/panda.jpg)
1g 0:00:00:28 DONE (2024-01-15 23:21) 0.03522g/s 15726p/s 15726c/s 15726C/s 27032008..1z2z3z4z
Use the "--show" option to display all of the cracked passwords reliably
Session completed

└─$ 7z x Panda.zip -p2611

7-Zip [64] 17.05 : Copyright (c) 1999-2021 Igor Pavlov : 2017-08-28
p7zip Version 17.05 (locale=en_US.UTF-8,Utf16=on,HugeFiles=on,64 bits,2 CPUs x64)

Scanning the drive for archives:
1 file, 156191 bytes (153 KiB)

Extracting archive: Panda.zip
--
Path = Panda.zip
Type = zip
Physical Size = 156191

Everything is Ok

Files: 2
Size:       156068
Compressed: 156191
panda
panda1

The second image seems to be same image but distorted, so I tried checking the difference.

Cool trick I picked up from RobertElderSoftwarearrow-up-right (The 'comm' Command In Linuxarrow-up-right), but applied to diff.

Anyway lets see the difference:

At this point I straight up guess the flag: grodno{kung_fu_p4nd4}

circle-check

Flag: grodno{kung_fu_p4nd4}

PreviousInept ReverserNextMigraine

Last updated