Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 5 Dec 2014 10:01:07 -0500
From: Matt Weir <>
To: "" <>
Subject: Re: Cracking multiple AES Zip files

Awesome, thank you very much Magnum and Jim! I need to get into a better
habit of digging into the bleeding JtR before asking questions ;p


On Thu, Dec 4, 2014 at 9:59 PM, <> wrote:

> If you use the new bleeding JtR, there is NO false positive any more.  I
> have redone this 'broken' format.  I dug in to understand the gladman code,
> and there is a verifyer, not just the crappy 2 byte checksum.
> The change is shown here:
> So now there is a 10 byte checksum, so only 1 out of 2^80 chance of a
> false positive.  In JtR land, we count that as exact.  Hell, it is 16 bits
> better than DES ;)
> ---- Matt Weir <> wrote:
> > AES encrypted zip files have a high number of false positives in them.
> From
> > the Winzip spec:
> >
> > Password verification value
> .... clip.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.