Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 18 Aug 2011 11:35:19 -0500
From: "jfoug" <jfoug@....net>
To: <john-dev@...ts.openwall.com>
Subject: Request for encrypted zip files.

I would like to request people to send me some encrypted zip file examples,
using the 'old' PKWARE encryption method.  I need people to zip up 3 or 4
small files, use the same password for all.  Also, zip the same files
without the password, using the same encryption package.

 

Then, provide me with the 2 zip's, the password used, what OS, what zip
program (and version).

 

I do not need pkware zip 2.08g or 2.50. 

 

Mostly, I am looking for these zippers:

 

InfoZip, MAC (older versions)

ZipIt mac, first version, and v.1.3.5 and newer

Different Info-Zip versions.

Different versions (especially older) of winzip, or freezip.

 

I need this, to try to find out which packages use 1 and which packages use
2 byte checksums within the encryption checksum code.   The 2 byte checksums
allow john to have to decrypt/decompress a lot less frequently.  Testing the
checksums is much faster, and the more passwords that can be eliminated with
just a checksum check, the faster john will process.  Now, the 'safe' way to
proceed, is to always decrypt/decompress check if a single byte checksum it
happens, but if we know that a specific package can be detected, and it
produces 2 byte checksums, then we would want to proceed using both bytes.

 

At this time, it appears InfoZip does this (2 byte).  I have some checks in
to detect infozip, but I do not know if all versions on all OS's behave the
same way.  Thus the request for samples.

 

My email is   jfoug   at  cox^net    Replace the ^ with a . and the at with
@    DO NOT send anything sensitive in nature.  A simple set of dummy text
files with junk data is just fine, along with a small binary file.

 

I am posting to john-dev at this time.  I may make the same post on
john-users if there are not enough results from this query.

 

Jim.

 


Content of type "text/html" skipped

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ