[Esd-l] Re: Sanitizer and zip virus

John D. Hardin jhardin at impsec.org
Wed Jan 28 05:52:06 PST 2004


On 28 Jan 2004, Agostini yves wrote:

> I had a small idea : use strings and make grep on PK$ to find
> names of files in the zip

I played with some handy .ZIP files and learned two things:

1) filenames can also end in "UT".

2) encrypted ZIPs don't encrypt the list of files in the ZIP.

--
 John Hardin KA7OHZ    ICQ#15735746    http://www.impsec.org/~jhardin/
 jhardin at impsec.org                        pgpk -a jhardin at impsec.org
 key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  "Bother," said Pooh as he struggled with /etc/sendmail.cf, "it never
  does quite what I want. I wish Christopher Robin was here."
				-- Peter da Silva in a.s.r
-----------------------------------------------------------------------
   66 days until the Slovakian Presidential Election



More information about the esd-l mailing list