Download the file at and use the included word list to extract the flag.

We're given a zip file, a wordlist, and a password policy for mangling to try it against.

Using john (again) because we're lazy, but with --rules enabled:

zip2john > flag.hash
john --wordlist=wordlist.txt --rules flag.hash
john --show flag.hash

Using this password Cartoon4 on the zip file, we can open flag.txt:

Flag: mangLINg-w0RDs-62517

Still overkill, whoop!