DOS ain't dead

HX updated (DOSX)

posted by Rugxulo , Usono, 25.11.2012, 07:09

> > Well, here's a potential simple workaround: change "PE" text signature
> to
> > "PX".
>
> Ok, thanks for the hint! However, to encrypt the whole package is probably
> more fool-proved. It's not totally comfortable, but IMO DOS users should be
> used to - and enjoy - uncomfortable weather.




mkdir -p /tmp/blah && cd /tmp/blah
wget http://oldhome.schmorp.de/marc/data/fcrackzip-1.0.tar.gz
tar xzf fcrackzip*gz && configure && make
wget http://www.japheth.de/Download/HX/HXRT217.zip
fcrackzip -b -c a -v -l 1-8 HXRT217.zip


BTW, I cheated somewhat as I already knew the password was all lowercase and length 8 or less. So apparently in less than 10 minutes, it's already told me "possible pw found:" correctly (though keeps running). My previous attempt was apparently expecting more fancy passwords as it's still running (single core) 37 hours later! (John the Ripper - Jumbo, after zip2john prepares it). I didn't try old fzc from Sac.Sk (DOS!) because I was hoping the other would be better / faster. fcrackzip says it's portable and free unlike fzc (encrypted, asm-only). There's an old article (from 1995?) called kocher-pkzip-attack.txt (link broken in official Info-Zip FAQ) that says PKZIP encryption is fairly weak and shouldn't be relied upon. Especially nowadays with much faster computers, better compilers, multiple cores, SIMD, and things like Amazon EC2.

I really only did this to prove a point: ZIP passwords aren't infallible. Though I don't think "cracking" a .ZIP is justified (legal, moral, etc.) in 99% of cases. Hope this doesn't offend anyone!

Complete thread:

• HX bugs - DOS386, 19.12.2009, 14:26
  • OLEeeee, OLEeeeeeeee - 1 more bug - "StringFromGUID2" - DOS386, 20.12.2009, 07:45
    • OLEeeee, OLEeeeeeeee - 1 more bug - "StringFromGUID2" - Japheth, 20.12.2009, 16:45
      • HX 2.17 improvements | even one more bug - DOS386, 21.12.2009, 08:50
  • GPF in "GetProcessHeapEx" | trun in "GetExitCodeProcess" - DOS386, 24.12.2009, 09:59
    • GPF's | buggy thing | "CreateProcessA" | ZERO'izing FS - DOS386, 25.12.2009, 16:16
      • GPF's | buggy thing | "CreateProcessA" | ZERO'izing FS - Japheth, 28.12.2009, 16:37
        • GPF's | buggy thing | "CreateProcessA" | ZERO'izing FS - DOS386, 29.12.2009, 09:39
          • 6 more bugs | PETITE | DGDI32.DLL | docs sugx - DOS386, 17.03.2010, 06:02
            • 6 more bugs | PETITE | DGDI32.DLL | docs sugx - Japheth, 18.03.2010, 08:59
              • 6 more bugs | PETITE | DGDI32.DLL | docs sugx - DOS386, 06.06.2010, 16:04
                • discovered 3 more buggs - DOS386, 14.07.2010, 14:38
                  • discovered 3 more buggs - Japheth, 17.07.2010, 15:58
                    • discovered 3 more buggs - DOS386, 23.07.2010, 07:33
  • Generic horse power 15.CHINA for HX :-) - DOS386, 23.05.2010, 07:07
  • HX bugs - DOS386, 17.11.2010, 04:43
    • HX bugs - DOS386, 17.11.2010, 05:26
      • HX bugs | GNASH - DOS386, 27.12.2010, 09:25
        • HX bugs | GNASH - DOS386, 28.12.2010, 07:52
  • HX bugs - innounp - DOS386, 18.02.2011, 05:03
    • HX issues | MUH-pdf | Is Processor Feature Present - DOS386, 19.02.2011, 11:58
      • HX issues | MUH-pdf | Is Processor Feature Present - Japheth, 19.02.2011, 12:48
  • HX bugs | PETITE & 7-ZIP PF in Ring0 - DOS386, 03.07.2011, 11:18
    • HX bugs | PETITE & 7-ZIP PF in Ring0 - Japheth, 03.07.2011, 20:01
      • HX bugs | missing imports | Dillo | MUPDF | TryEnter - DOS386, 20.11.2011, 04:33
        • HX bugs 2 more | ME bugs 1'000'000'000 more - DOS386, 24.11.2011, 06:11
          • HX updated - DOS386, 20.11.2012, 11:34
            • HX updated - Rugxulo, 22.11.2012, 05:56
              • HX updated - Japheth, 22.11.2012, 07:03
                • HX updated - Rugxulo, 22.11.2012, 09:32
                  • HX updated - Rugxulo, 22.11.2012, 10:16
                    • HX updated - Japheth, 23.11.2012, 09:13
                      • HX updated - Rugxulo, 25.11.2012, 07:09
                      • HX updated - george_breese, 07.01.2013, 18:43
                        • HX updated - Japheth, 08.01.2013, 08:44
                          • HX updated (5 years ago) ... but FFMPEG 1.1.1 works almost - DOS386, 08.02.2013, 10:50
                            • HX and INNOUNP (yeah: BUG isolated !!!) - DOS386, 08.02.2013, 14:41
                              • HX and INNOUNP (yeah: BUG isolated !!!) - Japheth, 09.02.2013, 08:48
                              • HX bugs (3 more) - DOS386, 10.04.2013, 12:08
                                • HX and MSVCRT.DLL - DOS386, 08.03.2014, 18:52
                                  • HX and MSVCRT.DLL - Rugxulo, 23.03.2014, 06:47
                              • WINE and INNOUNP (and Delphi) - Rugxulo, 11.06.2015, 02:15
              • HX full of virii - DOS386, 22.11.2012, 16:09
                • HX full of virii - Rugxulo, 23.11.2012, 00:24
                  • HX full of virii - DOS386, 16.12.2012, 13:00
                    • HX (not) full of virii - Rugxulo, 16.12.2012, 22:07
                      • HX (not) full of virii - Japheth, 16.12.2012, 22:24
                        • HX (not) full of virii - Rugxulo, 17.12.2012, 21:59
                      • HX (not) full of virii - DOS386, 17.12.2012, 05:32
                        • HX (not) full of virii - Japheth, 17.12.2012, 08:47
                        • HX (not) full of virii - Rugxulo, 17.12.2012, 22:14
                          • HX (not) full of virii - Rugxulo, 18.12.2012, 20:55