Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Thu, 18 Aug 2011 11:35:19 -0500
From: "jfoug" <jfoug@....net>
To: <john-dev@...ts.openwall.com>
Subject: Request for encrypted zip files.

I would like to request people to send me some encrypted zip file examples,
using the 'old' PKWARE encryption method.  I need people to zip up 3 or 4
small files, use the same password for all.  Also, zip the same files
without the password, using the same encryption package.

 

Then, provide me with the 2 zip's, the password used, what OS, what zip
program (and version).

 

I do not need pkware zip 2.08g or 2.50. 

 

Mostly, I am looking for these zippers:

 

InfoZip, MAC (older versions)

ZipIt mac, first version, and v.1.3.5 and newer

Different Info-Zip versions.

Different versions (especially older) of winzip, or freezip.

 

I need this, to try to find out which packages use 1 and which packages use
2 byte checksums within the encryption checksum code.   The 2 byte checksums
allow john to have to decrypt/decompress a lot less frequently.  Testing the
checksums is much faster, and the more passwords that can be eliminated with
just a checksum check, the faster john will process.  Now, the 'safe' way to
proceed, is to always decrypt/decompress check if a single byte checksum it
happens, but if we know that a specific package can be detected, and it
produces 2 byte checksums, then we would want to proceed using both bytes.

 

At this time, it appears InfoZip does this (2 byte).  I have some checks in
to detect infozip, but I do not know if all versions on all OS's behave the
same way.  Thus the request for samples.

 

My email is   jfoug   at  cox^net    Replace the ^ with a . and the at with
@    DO NOT send anything sensitive in nature.  A simple set of dummy text
files with junk data is just fine, along with a small binary file.

 

I am posting to john-dev at this time.  I may make the same post on
john-users if there are not enough results from this query.

 

Jim.

 


Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.