In diary entry "Brute-Force ZIP Password Cracking with zipdump.py" I wrote the following:

zipdump can also generated false positives. ZIP files that can be openened with a guessed password through the zipfile/pyzipper API, may still throw an error when the full content is actually read:

This is something I will fix in an upcoming version.

I fixed this in version 0.0.27. Whenever a password is found, zipdump.py will decode the full content of the file to check for CRC32 errors.

Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com