Protected Archives

ℹ️ Informations¶

• 🌐 Website: HackTheBox
• 📚 Module: Password Attacks
• 🔗 Link: Protected Archives

❓Question¶

No questions

📋 Walkthrough¶

Reuse password: kira:L0vey0u1!

1. Find the Notes.zip file on the remote machine:

   kira@nix01:~/Downloads$ find / -type f -name "Notes.zip" 2>/dev/null
   /home/kira/Documents/Notes.zip
   

2. Copy the Notes.zip file from the remote machine to the local machine:

   ┌──(kali㉿kali)-[~/Desktop/HTB/Academy]
   └─$ scp kira@10.129.202.64:/home/kira/Documents/Notes.zip .
   kira@10.129.202.64's password: 
   Notes.zip                                       100%  222     4.5KB/s   00:00    
   

3. Verify the presence of the Notes.zip file in the local directory:

   ┌──(kali㉿kali)-[~/Desktop/HTB/Academy]
   └─$ ls             
   academy-regular.ovpn  custom.rule  hydra.restore  Notes.zip      rsa
   compressed_ext.txt    hash         mut.txt        password.list  username.list
   

4. Extract the hash from the Notes.zip file using zip2john:

   ┌──(kali㉿kali)-[~/Desktop/HTB/Academy]
   └─$ zip2john Notes.zip >hash      
   ver 1.0 efh 5455 efh 7875 Notes.zip/notes.txt PKZIP Encr: 2b chk, TS_chk, cmplen=38, decmplen=26, crc=D0CED23B ts=7EF8 cs=7ef8 type=0
   

5. Use John the Ripper to crack the password of the Notes.zip file:

   ┌──(kali㉿kali)-[~/Desktop/HTB/Academy]
   └─$ john -w=mut.txt hash                         
   Using default input encoding: UTF-8
   Loaded 1 password hash (PKZIP [32/64])
   Will run 24 OpenMP threads
   P@ssw0rd3!       (Notes.zip/notes.txt)     
   1g 0:00:00:00 DONE (2025-03-18 09:57) 100.0g/s 9404Kp/s 9404Kc/s 9404KC/s l0vely84!..Yellow99!
   Use the "--show" option to display all of the cracked passwords reliably
   Session completed. 
   

6. Extract the contents of the Notes.zip file using the cracked password:

   ┌──(kali㉿kali)-[~/Desktop/HTB/Academy]
   └─$ unzip Notes.zip 
   Archive:  Notes.zip
   [Notes.zip] notes.txt password: 
    extracting: notes.txt               
   

7. Verify the presence of the extracted notes.txt file:

   ┌──(kali㉿kali)-[~/Desktop/HTB/Academy]
   └─$ ls
   academy-regular.ovpn  hash           notes.txt      rsa
   compressed_ext.txt    hydra.restore  Notes.zip      username.list
   custom.rule           mut.txt        password.list  zip.hash
   

8. Read the contents of the notes.txt file to obtain the flag:

   ┌──(kali㉿kali)-[~/Desktop/HTB/Academy]
   └─$ cat notes.txt                  
   HTB{ocnc7r4io8ucsj8eujcm}