kimci86 / bkcrack

Crack legacy zip encryption with Biham and Kocher's known plaintext attack.
zlib License
1.69k stars 163 forks source link

Random bytes before and after the plaintext #125

Closed nelolka closed 3 months ago

nelolka commented 5 months ago

I have a question. I have the encrypted (ZipCrypto) and compressed (deflated) zip archive contains one txt file like this:

*random 200-500 bytes*

*known text*
*known text*: *secret code*
*known text*

*random 200-500 bytes*

Is it possible to decrypt archives like this and get the secret code from txt? I have multiple examples with passwords, so I can analyze it.

kimci86 commented 5 months ago

It might be possible if you can guess how deflate compression transformed the data in your encrypted archive. Note that in general it is hard without knowing a large part of the original data.

An important thing to check first is the compression ratio. You can check packed size and uncompressed size by running bkcrack -L your_archive.zip Maybe you are in a case where deflate compression didn't actually compress data and results in a stored block. In such a case, you would have: packed size = uncompressed size + 17. (12 bytes for encryption header and 5 bytes for deflate stored block header.) Then it is easy to get compressed data from plain data: simply offset by 5 bytes.

Otherwise, I suggest to inspect deflate data from other examples you have to better understand how your file might be compressed. To do so, you can decipher (without decompressing) files from the examples with passwords you have and check the output of infgen on the deflate data you get. For example:

bkcrack -C example.zip -c file.txt --password "the password" -d file.deflate
infgen -r file.deflate

Learning about how deflate compression works will be useful to understand the output.

Let me know if that helps. Feel free to share more information or files if you need further help.

nelolka commented 5 months ago

I've tried to analyse my files with infgen, but didn't find any common and contiguous bytes :( I'll send it to you by email. Thank you!

kimci86 commented 3 months ago

Discussed via email. The conclusion is that it's really too hard to guess the compressed data in this case, apparently intentionally. I think this issue can be closed then.

nelolka commented 3 months ago

btw your solution was right. Now I can crack these archives. You are a genius, thank you.

kimci86 commented 3 months ago

Oh great! That was an interesting puzzle, thank you for your feedback.