Not All ZIP Files Are Equal 

This only works for old ZIP-2.0 Encryption, which already won't be used anymore & is only for very old .zip files

Last time I tried to work with zip files in python I was disappointed because it can't deal with AES encryption without libraries. I feel like maybe this sort of thing could work using just the file headers of knon filetypes like mp4. Decrypt by bruteforce until you see a valid header then try the whole file. Maybe certain encryption methods aren't susceptible to that, idk. Just a thought.

Does this exploit work on .7z archives that use the store method?

Awesome tutorial John. This is exactly the kind of thing I would expect to find in a CTF. I’ll add it to the armoury!

That's really weird that the zip library defaults to "store". Why??

passworded zip file ? Shift + Del. Problem solved

Actually you can crack copressed archives. You need to know at least one whole file from the archive, like README or LICENCE, and compress it using same method as original archive and then use it as plaintext for tha attack. Also you can apply offsets so you can get 12 bytes from diffrent parts of the file and even use one bonus byte from crc. I wrote detailed post about it on medium some time ago.

The password is "infected", duh. /s

But if you have the entire known file you could compress it with the same compression as the one in the file and then do a plain text attack. I hope the newer zip standards include a salt with the AES system. PS: if you use AES256 using winzip the resulting file can't be unzipped by windows explorer if that system also does not have winzip.

Hi John, could you please make a video on how to identify encryption algorithms like AES, cha cha and other during malware reversing.

i mean you could have made this video like 3 minutes long or maybe 4 mins long, idk why it is 13 mins but yeah, just some feedback. i am sorry but my attention span just drifted off watching this vid. i am just leaving a like and a comment to still support u since i like ur vids :)

Hii John love from India ❤

Cool video John! I'm currently working on a method that locks the password field of protected archived files like zip 7z Rar. So basically, even if the correct password is uncovered with tools like Hashcat, the password field remains locked. The user needs to provide a BOM-key to reactivate the password box, In order for the initial password to work. I've tested it with only a single_character password, which is quite crazy. For now I've named this method BOMSec which stands for Byte Order Manipulation Security. I am currently not aware of any RE method or tool that is able to crack a randomly manipulated sequence of bytes in a locked archive. Considering that there's no algorithm involved, eliminating the possibility of a distinguishable obfuscation pattern. When all testing is complete I'll provide a link for humans to try and smash the archive examples open. Because AI at this point struggles to comprehend my method and ranks it as _unethical_,.... not kidding. 😂

can we track exact location of mobile phone using imei number

I dont understand why It took so many years for someone to actually show a glimpse of how to crack zip/rar password protected files. Since It is possible for more than 10years already xD Its always fake software to "bruteforce" or suggesting to magicaly find the pwd. omg xD

😂😂🤣🤣 Shift + Del = you got password for life time

Nice :D

Attempt 2: There is an onion url routed to the localhost ip. Why though? 🤔

*You never explained mitigation ...how do we protect our passworded files from hackers ?*

Zip is a very old format using old security protocols. So of couse people can brite force it.

Peazip mentioned

Thats why I use 7-zip

So happy I ran into John at RSA! Such a big fan of your work. Keep it up, you’re providing an invaluable service to the community 💪🏻

So how does it work?

Since it's a little bit in the same direction. I once had a customer with an excelsheet with macro's, these macro's were password protected with an unknown password. Since office files essentially are compressed folders, i had to unpack it and change 1 byte, repack it and the password is removed. Then i could access the macro's and make changes to it.

what python code you used to create encrypted zip? cause zipfile doesnt support creating archived zip files, it only supports extracting zip with pwd

😮 о да

❤❤

I might finally be able to recover my first archives of prawn. Edit: May be not. Gonna have to wait for quantum computers.

I've never used zip archive cuz I know some tricks to unlock it like this one you've showcasing. I liked this one specifically. So I'm using rar archive instead. any cracking method for rar archive ???

quite obscure video if I'm honest.. not the quality content you used to make back in the day sorry to say.

Something one of my CS professors used to like to say: you can encrypt your compression, but if you can compress your encrypted files, you failed.

It bugs me that you didn't pay for WinRAR 👀

giving a like in the ads... Everybody should know.

Moar practical technique like this, please! Not necessarily cracking, but any actionable methodologies like this

Awesome, thanks for this amazing tutorial. Are there any tools for .xlsx files?

People who came from CTF 😂😂😂😂

Nice tutorial John thankyou so much 😘

Why is my comment gone?

Merci pour la vidéo toujours perspicace

ZIP is junk

har

Ok so this only works with plaintext or something right? And only KNOWN plaintext. So the hundreds of random mp4s that I uploaded to some sketchy website in a .zip are safe right? Store, but set with a password and encrpt filenames. Though I an seeing people saying that it only works on older zip files, and I zipped them like a month ago so im probably good

Sir, please tell me how to upload hacking videos. My videos are being removed by RU-vid due to community guidelines

Is windows 11 safe? I understand it is more difficult 😕

I'm not a haker, but I forgot once password to my zip folder, I literally googled "how to write password breaker in python", I dont know how to code either, but it was right there to download, then i had to learn how to use python. and Then i asked a friend who knows how to use it, to code it for me cuz im an idiot. and it worked!

Down vote. Forced ads

Please don't use distracting music in the background. Plain voice is much better.