Tags: forensics 

Rating: 0

# All the Zips

We're given a zip file with a bunch more zip files inside of it. They're all protected by a dictionary word.

This is a script that I wrote to bruteforce all of them given a dictionary.

```python
#!/usr/bin/env python3

import sys
import zipfile

def crack(wname, zf):

with zipfile.ZipFile(zf) as z:
with open(wname, "r") as f:
for word in f:
try:
z.extractall("output/%s" % zf.strip(".zip"), pwd=bytes(word.strip("\n"), "utf-8"))
print(":: [%s] SUCCESS %s" % (zf, word), end="")
return
except KeyboardInterrupt:
exit()
except:
print(":: [%s] ATTEMPT %s" % (zf, word), end="")

def main(wname):

znames = ["zip%d.zip" % i for i in range(0, 140)]

for zname in znames:
crack(wname, zname)

if __name__ == "__main__":
main(sys.argv[1])
```

The wordlist that I used was https://github.com/dwyl/english-words/blob/master/words_alpha.txt

These were the results of running the script:

![](https://raw.githubusercontent.com/shawnduong/ctf-writeups/master/2019-TJ/images/all-the-zips.png)

```
tjctf{sl4m_1_d0wn_s0_that_it5_heard}
```