1993-11-17 - PKCrack available (fwd)

Header Data

From: Anonymous <nowhere@bsu-cs.bsu.edu>
To: cypherpunks@toad.com
Message Hash: 0a84fdc032d5d1f8c64111516bb4bdfcbea3e66c6bb4d7b283c70bd572535704
Message ID: <9311170126.AA28197@bsu-cs.bsu.edu>
Reply To: N/A
UTC Datetime: 1993-11-17 01:25:58 UTC
Raw Date: Tue, 16 Nov 93 17:25:58 PST

Raw message

From: Anonymous <nowhere@bsu-cs.bsu.edu>
Date: Tue, 16 Nov 93 17:25:58 PST
To: cypherpunks@toad.com
Subject: PKCrack available (fwd)
Message-ID: <9311170126.AA28197@bsu-cs.bsu.edu>
MIME-Version: 1.0
Content-Type: text/plain


From: bontchev@fbihh.informatik.uni-hamburg.de (Vesselin Bontchev)
Newsgroups: sci.crypt
Subject: PKCrack available
Date: 16 Nov 1993 10:50:26 GMT
Organization: University of Hamburg -- Germany
Message-ID: <2cab9i$gve@rzsun02.rrz.uni-hamburg.de>
NNTP-Posting-Host: fbihh.informatik.uni-hamburg.de
X-Newsreader: TIN [version 1.2 PL2]

Hello, everybody!

After receiving more than a dozen messages of the type "could you
please send me a copy of PKCrack", I got tired of e-mailing it and
decided to make it available via anonymous ftp. It can be obtained as

ftp.informatik.uni-hamburg.de:/pub/virus/texts/crypto/pkcrack.zip

A few remarks.

1) The archive contains the source (in C) of the program. It should
compile anywhere. Don't ask me to send you a compiler or to compile it
for you. If it happens not to compile on your machine - do the porting
yourself. Be creative. Don't ask me to teach you C if you can't
understand the program.

2) The archive also contains the file APPNOTE.TXT, from the PKZIP
distribution, which explains the format of the ZIP archive in general
and the encryption algorithm in particular. (BTW, this explains why I
put the archive in the texts directory.) The algorithm applies both
for versions 1.1 and 2.04x of PKZIP. The only difference is in the
paragraph that explains how to verify that the password entered is
correct - version 1.1 deals with a 2-byte number (as the text says),
while version 2.04x deals with a one-byte number (as the text doesn't
bother to explain).

3) The program is *trivial*. Really. It does a dictionary attack and
thus requires a dictionary - a file containing the words to try as
passwords. Don't ask me to send you one - there are many on the net.
Find one yourself. Learn to use Archie.

4) The program cannot break just any archive - it can only check
whether the archive is encrypted with one of a (possibly huge) list of
passwords.

5) If you are trying to break an archive created with PKZIP 2.04x, you
will get a lot of false positives. Averagely - once in every 256
attempts. It will help if you have several files in the archive,
encrypted with the same password. If this is the case, increase the
value of NFILES and re-compile the program (yes, I know that it should
be a run-time option). A value of 4 will give the same level of false
positives as for version 1.1, but even a value of 3 is good enough for
practial reasons.

6) If you don't know how to do anonymous ftp - learn. If your system
does not allow you to do anonymous ftp - use a ftp-by-email service.

7) If you don't have unzip for Unix - get one. Don't ask me to e-mail
you the program in source. If you don't know how to transfer files
from the mainframe to your PC - ask your system administrator, not me.

8) I have no idea who has written the program.

9) If you come up with any improvements, you are welcome to send them
to me. If they are good, I will update the program that is on the ftp
site.

Regards,
Vesselin
--
Vesselin Vladimirov Bontchev          Virus Test Center, University of Hamburg
Tel.:+49-40-54715-224, Fax: +49-40-54715-226      Fachbereich Informatik - AGN
< PGP 2.3 public key available on request. > Vogt-Koelln-Strasse 30, rm. 107 C
e-mail: bontchev@fbihh.informatik.uni-hamburg.de        22527 Hamburg, Germany






Thread