This question examines plaintext attacks
text
After decompression, two compressed packages are obtained:
._none.zip cannot be decompressed, but there is a compressed package and a picture in none.zip:
There are two encrypted files in res.zip:
Therefore, this question examines image steganography. Use 010 to open the image and see flag.txt at the end.
It means that the picture has been modified, its source file is zip, and the zip file header is: 50 4B 03 04
Therefore, choose to paste 0 bytes at 03:
Enter 2:
Just change the following 00 00 to 50 4B:
Save as woo.zip file to open flag.txt:
It is not feasible to use this string as the password to decrypt res.zip
Combining the title plaintext attack with the compressed package attributes (the CRC, size, and name of flag.txt are all consistent):
It is guessed that flag.txt is stored in the two zips in the same way, and it can also be inferred that the two zips are compressed using the same encryption algorithm.
Therefore, you can use woo.zip as the plain text file and res.zip as the encrypted file to carry out plain text attacks.
Get the decrypted file and get the flag after opening it
flag{3te9_nbb_ahh8}