Highest Voted 'zip' Questions - IT Security Stack Exchange

129

votes

11 answers

Are password-protected ZIP files secure?

Following my answer. If I can list contents of a password-protected ZIP file, check the file types of each stored file and even replace it with another one, without actually knowing the password, then should ZIP files be still treated as…

passwords zip

asked May 13 '13 at 08:29

trejder

3,329
5
23
33

55

votes

5 answers

How to recover a lost zip file password?

I have some files I was given by my teacher at University, I could chase him up, but I may as well try getting blood from a stone, his response rate isn't great and I completed my degree a year ago! They're pdf files stored inside password protected…

passwords password-cracking file-encryption zip

asked Jul 28 '12 at 16:16

bluekeys

671
1
5
9

36

votes

4 answers

Can password-protected zip files be broken without brute force?

You have a zip file that you created with 7z to password-protect it with AES 128. Can a smart adversary extract the data only through brute force, or is the file vulnerable to other attacks - such as, I don't know, being able to bypass the password…

passwords zip

asked Mar 29 '13 at 23:50

Strapakowsky

3,039
8
26
31

31

votes

2 answers

How do unzip programs check if the password is correct?

It obviously doesn't connect with any sort of database. How is this even possible?

passwords zip

asked Apr 21 '20 at 02:35

Andy_ye

469
4
8

22

votes

4 answers

How is malware distributed within zip files?

Recently it seems there has been a big outbreak of zip files being emailed to people with a .js file containing code that downloads and executes cryptoware. How does the .js actually get executed though? Do users have to execute the javascript file…

malware zip

asked Mar 28 '16 at 21:59

Austin

733
6
14

21

votes

2 answers

At which point can a system be compromised when downloading archived data from an untrusted source?

If I download archived data from a possibly untrusted source at which point am I at possible risk of harming my system: Initially downloading and saving the archived data (still packed) Unpacking the archived data Executing any file from the…

malware file-system zip

asked Jul 17 '19 at 07:01

T A

329
2
8

20

votes

4 answers

What are the security threats of zip file uploads and what preventive actions should be taken?

We have a Drupal application developed for sharing files. We are allowing zip files to be uploaded by logged in departmental user. We are using Drupal private file system (outside webroot). We are using php Fileinfo for validation. Only logged in…

php file-upload security-theater drupal zip

asked Apr 04 '13 at 07:38

msmani

301
1
2
7

18

votes

1 answer

Crack 7Z password if I also have the original file

Some of my files have been encrypted by ransomware. I can find some backup of files (unfortunately not all of them). Can I find the password of the 7Z zipped+encrypted files if I also have some of the original files?

passwords zip

asked Sep 23 '21 at 15:25

rvil76

283
2
4

17

votes

1 answer

What encryption method is used by the zip program in macOS?

In order to send a file securely I am going to encrypt/password protect a zip file. (Why I am doing this). I am using macOS Sierra 10.12.6 and through my research I have concluded that encrypting a zip file is done the following way on macOS, zip -e…

encryption macos zip

asked May 20 '18 at 00:27

JBis

640
5
17

14

votes

3 answers

How long should zip encryption password be for it take 10 years to crack?

I am using zip 3.0.0 on macOS High Sierra and Ubuntu. Here is my zip version on macOS: $ zip --version | head Copyright (c) 1990-2008 Info-ZIP - Type 'zip "-L"' for software license. This is Zip 3.0 (July 5th 2008), by Info-ZIP. Currently maintained…

encryption passwords file-encryption entropy zip

asked Aug 09 '19 at 05:56

Lone Learner

968
1
9
18

13

votes

4 answers

John the ripper is not identifying hashes

I'm attempting to use JTR against a password protected zip. I have created the hash file using:zip2john filename.zip > filename.hash and i get a successful output:file.txt is using AES encryption, extrafield_length is 11 But when I attempt to…

hash password-cracking zip

asked Dec 29 '15 at 07:25

16b7195abb140a3929bbc322d1c6f1

3,334
4
15
20

10

votes

1 answer

How zip symlink works?

I've seen lately some bugs that used zip symlink technique , can anyone explain how this vulnerability works , how attackers use it to exploit applications? Thanks

web-application zip symlink

asked Nov 26 '14 at 19:15

Daniel

1,422
3
21
32

10

votes

2 answers

Is it easier to crack a ZIP file than a 7z archived file given they have the same password?

I am interested in knowing if either of them is easier to crack than the other because of inherent flaws.

encryption passwords zip

asked Oct 24 '15 at 15:06

Alexander Suraphel

203
2
6

9

votes

3 answers

Can the content of a password protected zip file be known?

Let's suppose that I share an illegal copy of a material on web which is in password protected zip file, can the owner send me a copyright notice or know what's inside the zip without knowing the password?

zip

asked May 31 '18 at 17:47

Haniya

93
1
1
4

9

votes

4 answers

Will password protected files like zip and rar also get affected by Odin ransomware?

If I protect my files with password and use rar or zip files to store these files. Can ransomware encrypt password protected files?

ransomware zip

asked Oct 05 '16 at 12:06

Khan

123
2
4

Questions tagged [zip]