Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <4E6BEA36.8000909@bredband.net>
Date: Sun, 11 Sep 2011 00:52:38 +0200
From: magnum <rawsmooth@...dband.net>
To: john-dev@...ts.openwall.com
Subject: Re: Rewrite of the pkzip format posted (on the wiki).

On 2011-09-10 23:18, JimF wrote:
> If there is problems you find (or a patch I have left out, as it appears
> may have happened from a post you made a little after this one), then
> post them, if at all possible. I will try to work through any issues as
> soon as I have time.

Wiki is updated. Here is what I had to do, to get that last zipfile cracked.

Both of the tests affected in the enclosed patch clearly gave false 
negatives on 2011-CrackMeIfYouCan_part1.zip. However, there *might* be 
better ways than just commenting them out like I did. In this case, C 
was 80 (decimal) in the first test and v1 was 0x034b while v2 was 0x1404 
(v2^0xffff was 0xebfb). We might be able to put these back with some 
correction for what is valid or not. If not, there are some more code 
that should be commented out 'cause it's currently unnecessary.

OTOH I don't see much of a performance hit. But I do not possess any 
1-byte checksum zipfiles. These checks are the fourth and fifth so lots 
of false positives are already sorted.

Anyways, I believe this must be in until we get something better.

magnum

View attachment "pkzip-fixes-falseneg.diff" of type "text/x-patch" (1033 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.