zipfile module giving unreliable results_问答_开发者

zipfile module giving unreliable results

开发者 https://www.devze.com 2023-02-03 16:43 出处：网络

I made a dictionary attack on encrypted zip files, using the zipfile library. When I started using BIG dictionaries sometimes I got false positive results, i.e. password could be \"wool\" and \"12630\

I made a dictionary attack on encrypted zip files, using the zipfile library. When I started using BIG dictionaries sometimes I got false positive results, i.e. password could be "wool" and "12630" was considered correct. In that case the decrypted file contained gibberish obviously.

It's not a bug in my code, but in the way the zipfile library checks to see if the provided password is correct. I've managed to decrease the false positives by checking the size of the decrypted file and if it's equal to 0 consider it false and keep searching. But my problem remains, because when the file contains gibberish it's size > 0. So my question is, is there any way I can determine in Python if a file has be decrypted correctly or if it contains gibberish?

PS. Yes I know decrypting zip files with zipfile is slow, but as I said earlier I do this in order to get a grip of Python.

Here is my code:

import zipfile
import os



zfile=raw_input("Please input zip's file name\n")
diction=raw_input("Please input dictionary\n")
found = False
zipf = zipfile.ZipFile( zfile, 'r' )
f = open(diction, 'r')

for line in开发者_Go百科 f:
    pswd = line
    pswd = pswd[:-1]
    zipf.setpassword(pswd)   
    try:
        zipf.extractall()
        if (os.path.getsize(zfile[:-4]) != 0):
            found = True 
            break
    except RuntimeError:
        continue
    except Exception:
        continue
zipf.close()

This is a bug report i submited in python's bug tracker. As you can see they don't consider it a "bug" of the library, that's why I'm asking for alternatives of checking if the file decrypted correctly.

PS. For anyone that cares, in the link provided above, they told me that it's a problem of the zip file format and that there is nothing that can be done. So I guess, question is kind of answered.

From this zipfile bug report

The password-checking scheme uses a one-byte check against the zip header for consistency. So there is a (near) 1/256 chance of false positives, that is of bad passwords mistakenly detected as good; then the ZipFile class proceeds with unarchiving and that's where things fail (because the "decrypted" stream is really junk).