Comments on: Reading Password-Protected ZIP Files in Java

By: hiblack

hiblack — Fri, 06 Jan 2012 03:49:11 +0000

Thank you, it’s great :-)

By: Martin

Martin — Thu, 01 Dec 2011 04:02:30 +0000

You can use it in any way you want. If you are re-publishing the source code, referring back to this blog in a javadoc comment would be nice.

By: Chris

Chris — Tue, 29 Nov 2011 15:09:54 +0000

Hi Martin!

Thank you very much for your interesting blog!

We think about integrating your source code posted inside this blog entry “Reading Password-Protected ZIP Files in Java” into one of our applications intended to be finally used for production scenarios. Could you please let us know if you have any concerns regarding this approach? Please let us know if there are terms of a license or any other restrictions we might be aware of?

Your help is much appreciated!

Kind Regards,

Chris

By: Martin

Martin — Wed, 23 Nov 2011 18:59:05 +0000

Well, I have been thinking for some time I’d create an open source project for this and add the output stream as well – as I do see this simple post on my blog is getting lots of hits – so seems like it is quite useful. The problem with the output stream is that I won’t be able to do it in a really streaming way because of the way how Java Zip output stream encodes the file – will have to read significant portion of the zip content into memory – so you will have to make sure your zip file is of a reasonable size or that you allocate enough heap. Will see if I get some time over the weekend… :)

By: faheem

faheem — Wed, 23 Nov 2011 15:06:07 +0000

Hi Martin

Congratulations! your program has become a defacto standard to decrypt password-protected zip files.

But my counterparts are expecting me now to send them PKWare encrypted zip files, after an extensive search I could find java programs which uses AES encryption but not PKWare.

I am in gr8 need of ZipEncryptOutputStream :(

Any help ??

By: Dennis

Dennis — Thu, 06 Oct 2011 16:46:45 +0000

Hi everyone I implemented that in c but I think there is a problem with password verification.
If I’m not mistaken based on pkware we only use 1 byte to check the crc. So we decrypt the file header that is 12 bytes and take it’s last byte and compare it with the crc value that we got from the CRC32 from Local file header so we have 1 byte that can get 255 values comparing with a random value that we got after decrypting the file header that other byte can also take 255 values.
But the passwords that we can use are infinite so there should be many different passwords that might return the same crc value so that means that i might use a wrong password and that crc check will return that thee pass is correct! So it can’t be only that 1 byte check it should be something more…. anyone has an idea how exactly it verify the password?

By: nolo

nolo — Wed, 28 Sep 2011 08:11:42 +0000

What does the second limitation means , or how could I get the correct zip files ?

By: Stanislav Daskalov

Stanislav Daskalov — Thu, 01 Sep 2011 09:04:12 +0000

To be able to work with zero-length files just change the “case HEADER” block with:

case HEADER:
initKeys(password);
for (int i = 0; i = LFH_SIGNATURE.length) {
skipBytes = 2;
state = State.FLAGS;
}
}
break;
}
// intentionally no break

By: PGiZ

PGiZ — Thu, 28 Jul 2011 15:30:54 +0000

Hi , Martin

I ‘m try to write simple program for brute-force password in zip in Operating System Subject. First program for thread

I flow this appnote to decrypt header (12 first byte)

http://www.pkware.com/documents/casestudies/APPNOTE.TXT

Header decrypt with no problem. but I ‘m not understand this message

“After the header is decrypted, the last 1 or 2 bytes in Buffer
should be the high-order word/byte of the CRC for the file being
decrypted, stored in Intel low-byte/high-byte order. Versions of
PKZIP prior to 2.0 used a 2 byte CRC check; a 1 byte CRC check is
used on versions after 2.0. This can be used to test if the password
supplied is correct or not.”

I ‘m try to put correct password. But last decrypted header value not match with
CRC Value (14 – 17 byte position).

Here this code. Write in C++

[code]

#include
#include
#include
#include
#include

#include "pthread.h"

unsigned int crc(unsigned int x , unsigned char b)
{
x = x ^ (unsigned long)b;

for(int i=0; i > 1) ^ 0xEDB88320;
else
x = (x >> 1);
}
return x;
}

int main()
{
FILE *fp;
char zip_location[] = "D:\\Zip\\test_pass.zip";
unsigned char password[] = "1234";
unsigned char header_buffer[12];
unsigned char crc_file[25];
unsigned int keys[3];
unsigned int crc_decrypt;

printf("\nFile = %s\n\n",zip_location);

// First Init 96 Bit Internal State
keys[0] = 0x12345678;
keys[1] = 0x23456789;
keys[2] = 0x34567890;

// Step 1 - Initializing the encryption keys
for(int i=0; i > 24));
}

// Step 2 - Decrypting the encryption header
fp = fopen (zip_location,"r+b");
if(fp == NULL)
{
printf("Error! Can't open file\n");
}
else
{
fread(header_buffer,1,12,fp);

// Jump to CRC32 Section
fseek(fp,14,SEEK_SET);
if(fread(crc_file, 1,4,fp))
{
printf("CRC From File = %X %X %X %X \n\n",crc_file[3],crc_file[2],crc_file[1],crc_file[0]);
}
fclose(fp);
}

for(int i=0; i> 8);

keys[0] = crc(keys[0],c);
keys[1] = keys[1] + (keys[0] & 0x000000FF);
keys[1] = keys[1] * 134775813 + 1;
keys[2] = crc(keys[2],keys[1] >> 24);

header_buffer[i] = c;
}

for(int i=0; i<12; i++)
printf("Buffer[%d]\t= \t0x%X\n",i,header_buffer[i]);

getch();

return 0;
}

[/code]

My email : sum.developer [ a+t ] gmail.com

By: paul

paul — Tue, 21 Jun 2011 07:08:03 +0000

thanks for saving me the time!!