[H4CK1T 2016] Hex0gator – Paraguay Writeup



EN: All Experts of The Silver Shield Project can’t decipher the intercepted data. Who knows, maybe you can do it?


In this PPC 250 pts challenge we got only one file. Let’s run File command on it to determine it’s type.

Megabeets:/tmp/h4ckit/paraguay# file 100_00edb54bed7e46bd5cdb7c06059881c2
100_00edb54bed7e46bd5cdb7c06059881c2: Zip archive data, at least v2.0 to extract


This is a zip file which contains another folder within. The folder contains a file named ‘99‘. Let’s extract it and figure out it’s type:

Megabeets:/tmp/h4ckit/paraguay# file 99
99: Zip archive data, at least v1.0 to extract

99 is also a zip file, and inside it has another zip, and another zip… well, I see where it going to. I wrote a simple Powershell script to extract all the archives using the ultimate archive manipulator – 7-zip.

# Set $path to a folder only with the file '99'
# 99 Exists in 'work_folder' inside the first archive

$path = "C:\\your\\\path"

    $file = (gci $path)[0]
    &'C:\Program Files\7-Zip\7z.exe' e $file.Fullname -y > $null
    if($file.Name -eq 'flag')
        # print the content of the file
        gc $file

        Remove-Item $file.Fullname

Now let’s run it:

PS C:\h4ckit\paraguay> C:\h4ckit\paraguay\solve.ps1



Leave a Reply

Your email address will not be published. Required fields are marked *