[ale] unzipping an encrypted zip file

Michael H. Warfield mhw at WittsEnd.com
Thu Aug 6 16:20:24 EDT 2009


On Thu, 2009-08-06 at 15:36 -0400, Greg Freemyer wrote:
> All,

> I need to unzip an encrypted zip file.  What tool should I use.  (And
> yes windows is available, but I hate to give in and ask a co-worker to
> do it for me.)

> First attempt:
> $ unzip fileserver_sec_log.zip
> Archive:  fileserver_sec_log.zip
>   End-of-central-directory signature not found.  Either this file is not
>   a zipfile, or it constitutes one disk of a multi-part archive.  In the
>   latter case the central directory and zipfile comment will be found on
>   the last disk(s) of this archive.
> unzip:  cannot find zipfile directory in one of fileserver_sec_log.zip or
>         fileserver_sec_log.zip.zip, and cannot find
> fileserver_sec_log.zip.ZIP, period.

	What is it "encrypted" with?  I deal with encrypted zip files all the
time (generally malware samples to study) and simply running unzip -l on
the archive will still give you a listing of the archive (the "central
directory" is not encrypted) but you need the password to extract the
files.  This sounds like it's either externally encrypted or corrupt or
there's a new zip encryption method in town.

> Greg

	Mike
-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471        | possible worlds.  A pessimist is sure of it!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 307 bytes
Desc: This is a digitally signed message part
Url : http://mail.ale.org/pipermail/ale/attachments/20090806/0c301c09/attachment.bin 


More information about the Ale mailing list