Brute-Force ZIP Password Cracking with zipdump.py: FP Fix
In diary entry "Brute-Force ZIP Password Cracking with zipdump.py" I wrote the following:
zipdump can also generated false positives. ZIP files that can be openened with a guessed password through the zipfile/pyzipper API, may still throw an error when the full content is actually read:
This is something I will fix in an upcoming version.
I fixed this in version 0.0.27. Whenever a password is found, zipdump.py will decode the full content of the file to check for CRC32 errors.
Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com
Keywords:
1 comment(s)
×
Diary Archives
Comments