[Esd-l] "encrypted" zips: proof

John D. Hardin jhardin at impsec.org
Tue Mar 2 18:19:35 PST 2004

>From my quarantine:

I don't bite, weah!
archive password:  53861
    [ Part 2, Application/OCTET-STREAM (Name: "TextDocument.zip")
29KB. ]
    [ Cannot display this part. Press "V" then "S" to save in a file.
    [ Part 3: "SECURITY WARNING" ]
The mail system has detected that the preceding ZIP archive
attachment contains suspicious files.
Do not trust it. Contact your system administrator immediately.
The suspicious files in the archive are:


Detected no problem. :)

 John Hardin KA7OHZ    ICQ#15735746    http://www.impsec.org/~jhardin/
 jhardin at impsec.org                        pgpk -a jhardin at impsec.org
 key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
  "Bother," said Pooh as he struggled with /etc/sendmail.cf, "it never
  does quite what I want. I wish Christopher Robin was here."
				-- Peter da Silva in a.s.r
   32 days until the Slovakian Presidential Election

More information about the esd-l mailing list