Tags: ocr batchprocessing 


## Stolen Licenses

We first tried to crack the zip using `zip2john` and `john` with wordlists like rockyou and English word lists, so we used the first hint.

It says the password is possibly a single word from the words recently added to a well-known dictionary.

So we went and searched for words recently added by Oxford as well as Merriam-Webster and compiled them into a `list.txt`.

For example, for Merriam-Webster, we can run the following in the browser console to get the list of words in their Words at Play column:

```js
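// getElementsByTagName returns an HTMLCollection, which has no forEach,
// so convert it to an array first.
const list = Array.from(document.getElementsByTagName("em"))
let str = ""
list.forEach((val) => { str = str + val.textContent + "\n" })
// copy() is a DevTools console helper that puts the string on the clipboard
copy(str.toLowerCase())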
```

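You can then paste them into `list.txt` and pass it to john, or run fcrackzip in dictionary mode, using
```bash
# Extract the zip hash and run john with the custom wordlist
zip2john licenses.zip > licenses.hash
john --wordlist=list.txt licenses.hash
# Alternative: dictionary attack with fcrackzip
fcrackzip licenses.zip -v -D -p list.txt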
```

And our zip password is `nosocomephobia`.

That's like 1/3 of the challenge.

Now we have a list of images from which we need to extract the text and get the check digits to see which one is valid.

Extract the archive, cd into the img folder and run:

```bash
mkdir -p crop
# Cut out the 600x50 strip at offset (100,450) that holds the license key
for FILE in *.png; do magick -extract 600x50+100+450 "$FILE" "crop/$FILE"; done
```

After extracting the keys, convert them all to text with:

```bash
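# Run from inside crop/ so the loop sees the cropped PNGs
cd crop && mkdir -p txt
for i in *.png; do b=$(basename "$i" .png); tesseract "$i" "txt/$b"; done
cd txt
# Keep only digits; write to a temp file because redirecting onto the input truncates it
for i in *.txt; do tr -cd '[:digit:]' < "$i" > "$i.tmp" && mv "$i.tmp" "$i"; done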
```

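Python script to check which keys are valid:
```py3
import os
import fast_luhn as fl


def read_first_line(filename):
    """Return the first line of the file without surrounding whitespace."""
    with open(filename) as f:
        return f.readline().strip()


# Check every OCR output file in the current directory
for filename in os.listdir(os.getcwd()):
    if os.path.isfile(filename) and filename.endswith(".txt"):
        number = read_first_line(filename)
        # Skip empty OCR results, print only keys with a valid Luhn check digit
        if number and fl.validate(number):
            print(number)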
```

Run it and bam

flag : `78124512846934984669`
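
How the check-digit test works, as an added example that is not part of the original writeup: a pure-Python Luhn validator run over constructed OCR outputs. It assumes the keys use the Luhn scheme (as the `fast_luhn` call above implies) and are 20 digits long like the flag; `valid_keys`, `SAMPLE_OCR` and the noisy sample strings are hypothetical names and constructed data.

```python
import re


def luhn_sum(digits, double_first):
    """Luhn sum, walking right to left. double_first: is the rightmost digit doubled?"""
    total = 0
    for offset, ch in enumerate(reversed(digits)):
        d = int(ch)
        if (offset % 2 == 0) == double_first:
            d *= 2
            if d > 9:
                d -= 9  # same as adding the two digits of the product
        total += d
    return total


def luhn_valid(number):
    """True if number (digits only, check digit last) passes the Luhn test."""
    # An empty string sums to 0 and would pass a naive check, so reject it.
    return bool(re.fullmatch(r"[0-9]+", number)) and luhn_sum(number, False) % 10 == 0


def luhn_check_digit(payload):
    """Check digit that makes payload + digit Luhn-valid."""
    return (10 - luhn_sum(payload, True) % 10) % 10


def valid_keys(ocr_texts, length=20):
    """Strip OCR noise, then keep keys of the assumed length that pass Luhn."""
    keys = []
    for text in ocr_texts:
        number = re.sub(r"[^0-9]", "", text)
        if len(number) == length and luhn_valid(number):
            keys.append(number)
    return keys


# Constructed OCR outputs: the page's flag with spacing noise, two single-digit
# misreads of it, and an empty result from a failed OCR run.
SAMPLE_OCR = [
    "7812 4512 8469 3498 4669\n\x0c",
    "78124512846934984660\n",
    "78124512846934984679\n",
    "",
]

if __name__ == "__main__":
    print(valid_keys(SAMPLE_OCR))
```

A single misread digit always breaks the check, which is why filtering the OCR output by check digit singles out the valid key.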

Original writeup (https://github.com/QzSG/CTF-Write-Ups/blob/master/Syskron%20Security%20CTF/2020/Wednesday.md#stolen-licenses).