Brute-Force ZIP Password Cracking with zipdump.py: FP Fix

Published: 2023-07-16. Last Updated: 2023-07-16 08:22:25 UTC
by Didier Stevens (Version: 1)
1 comment(s)

In diary entry "Brute-Force ZIP Password Cracking with zipdump.py" I wrote the following:

zipdump can also generated false positives. ZIP files that can be openened with a guessed password through the zipfile/pyzipper API, may still throw an error when the full content is actually read:

This is something I will fix in an upcoming version.

I fixed this in version 0.0.27. Whenever a password is found, zipdump.py will decode the full content of the file to check for CRC32 errors.

 

Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com

Keywords:
1 comment(s)

Comments


Diary Archives