Highest Voted 'zip' Questions - IT Security Stack Exchange

9

votes

2 answers

How to detect zip file encryption algorithm

As we know zip files supports a simple password-based symmetric encryption system and some vendors use other algorithms. I used the zipinfo command in Linux but it doesn't say what encryption algorithm is used. How can I find that out?

encryption linux zip

asked Jun 07 '16 at 05:25

arman

93
1
1
4

8

votes

1 answer

Approaches to cracking an encrypted zip file

I'm taking part in a capture-the-flag exercise; the level of difficulty is competent, but non-expert. I'm not a security practitioner, but I do have a development background and a reasonable knowledge of standard tools and techniques. One task…

encryption zip

asked Oct 14 '17 at 10:28

strmqm

183
1
5

8

votes

2 answers

How can I tell if a zip file uses the 7-Zip exploit?

Let's say I have a "corrupted" zip file from a potentially suspicious source, and that at least one person has attempted to extract it. Conventional wisdom used to be that bad stuff™ didn't happen from unzipping a file, but could from interpreting…

zip

asked Jun 29 '16 at 19:08

Michael

2,391
2
19
36

8

votes

2 answers

Are .zip files used as a modern attack vector?

I recently advised someone to share (publish) a bunch of files by just posting a .zip somewhere, but realized this may look malicious to a recipient. This suspicion might be driven from Windows 95 or 98 era, where zip files were frequently…

zip

asked Nov 11 '15 at 20:51

djechlin

278
2
9

7

votes

2 answers

Can I properly make password-protected 7z archives secure?

After reading the question and answers of this and this, I left with an overall impression from the last one that zips were considered not safe and insecure way of sharing data. I still think password-protected compressed files can be made secure.…

passwords file-encryption zip

asked May 31 '13 at 01:22

Strapakowsky

3,039
8
26
31

7

votes

1 answer

How to protect websites against ZIP bombs and reference bombs?

A Zip bomb (concept here) seems quite a "smart" and easy vulnerability to websites where uploading ZIP files is allowed. Such sites are under a threat (at least to make some degree of damage to them) - someone uploads i.e. a 100 KB file [ 50 GB…

zip compression zip-bomb

asked Feb 08 '19 at 10:31

T.Todua

2,677
4
19
28

7

votes

3 answers

Is it safe to click on zip or rar file?

Sometimes I'm in dilemma when I want to open archive file if there is any risk by opening it, because I'm not sure if attacker can use any trick that will trigger malware just by clicking on it. I'm not talking about clicking or opening what's…

malware zip

asked Sep 08 '17 at 04:18

user134969

1,298
4
15
24

6

votes

2 answers

How safe (for privacy/security) is ZIP for file encryption of backups on a flash drive

I am looking to encrypt files on a flash drive (for backup) just in case it gets stolen or lost. I don't want to install any extra software like TrueCrypt but instead just use what's already there on most computers. 1) I can think of using 7z/zip…

encryption privacy file-encryption backup zip

asked May 03 '15 at 08:59

T t

61
2

6

votes

3 answers

Is it possible to read a text file inside a password-protected zip file without the password?

I have a text file (.txt) compressed in ZIP format protected by a password. I think it has only one line of text and I want to see the contents of this file. I tried fcrackzip but I think the password is more complicated than I imagine, so the…

encryption linux file-encryption zip

asked Jan 01 '18 at 23:45

Julián

249
1
4
10

6

votes

2 answers

Is storing an encrypted zip file to an insecure cloud service an admissible way of securing privacy?

Consider the following scenario: I use a cloud service that is not considered secure (meaning no encryption whatsoever) i.e. Dropbox, OneDrive, Google Drive etc. In my account I have a .zip or .7z file that is encrypted using a very strong…

encryption privacy cloud-computing zip

asked Jun 07 '16 at 15:12

Aventinus

329
4
14

5

votes

1 answer

Encryption Using 7z or Zip File

I'm wondering which encrypted 7-Zip file format has better encryption: 7z with 256 AES or zip file with 256 AES? Assume that a strong password is used, then which encrypted 7zip file format has stronger encryption to encrypt info in a text file?

file-encryption zip 7zip

asked May 13 '19 at 05:26

J. A.

77
1
4

5

votes

2 answers

What are some possible uses of a zip bomb?

This article claims that zip bombs cannot be used today as modern systems are too smart for it and no victim is going to slowly unpack terrabytes of data so zip bombs are basically useless. Is this true? Are there any uses for a zip bomb at…

virus antimalware zip compression zip-bomb

asked Feb 22 '17 at 11:20

Vegeta

51
1
2

4

votes

2 answers

How does a zip file detect a correct password?

When extracting files from an encrypted zip archive, the user is asked to give a password in order to read the original file. How does an encrypted ZIP detect when the user has given the correct password? Obviously it does not connect with some…

encryption passwords hash password-cracking zip

asked Dec 11 '18 at 15:00

CodyBugstein

579
5
12

4

votes

1 answer

Are there valid reasons for compressed files (zip, gzip, etc.) to spoof file size?

Zip files, GZip files, and likely others, include information about the contained file, including the uncompressed size of the file. However, when extracting these files the number is meaningless as the actual data can be much larger (eg: reported…

denial-of-service compression zip gzip

asked Feb 03 '17 at 18:15

Tarka

141
3

3

votes

1 answer

Is a ZIP file password easy to break?

I thought that ZIP file passwords were a fairly decent protection. I came across this video, that seems to indicate otherwise. https://www.youtube.com/watch?v=SqRSNuJSm4o [12 minutes view time] Synopsis: The guy uses a zip2exe program to create a …

passwords zip

asked Jul 03 '15 at 19:45

mcu

163
1
1
6

Questions tagged [zip]