This is what I did.
1. Went with using the native zip and unzip commands.
2. Used the perl Expect module to deal with the password prompts.
( I know that zip passwords are weak, but this is what the client
specified)
Here's a snippet if any one is interested. (very watered down to just
show how it's done )
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
use Expect;
my $exp = new Expect or
die "Error - Cannot create an expect object, because of <$!>\n";
#-----------------------------------
#$opt_unzip is set on command line if user wishes to
# unzip a file
#-----------------------------------
if ( $opt_unzip ) {
#-----------------------------------
#$opt_file is the input zip file name
#-----------------------------------
$exp->spawn("/bin/unzip -oj $opt_file ") or
die "Error - Cannot spawn command, because of <$!>\n";
}
else {
#-----------------------------------
#$opt_file is the filename
#$opt_output is the output zip file name
#-----------------------------------
$exp->spawn("/bin/zip -e $opt_output $opt_file") or
die "Error - Cannot spawn command, because of <$!>\n";
}
#---------------------------------------------------------------------
# for zip, the password option generates the following sequence.
#
#Enter password:
#Verify password:
#
#---------------------------------------------------------------------
# for unzip, the password option generates the following sequence.
# using file o.zip as an example.
#
#Archive: o.zip
#[o.zip] o.txt password:
#
#---------------------------------------------------------------------
$opt_pass = "GET_PASSWORD_FROM_SECRET_PLACE";
my $pattern = "password:";
#-----------------------------------
#both commands zip and unzip contain the
#word "password:" in the challange
#-----------------------------------
my $patidx = $exp->expect(15, $pattern);
if ($patidx) {
$Expect::Log_Stdout = 0;
sleep 1;
$exp->send("$opt_pass\r");
#-----------------------------------
#if it's to be zipped, it will
#issue the verify password challenge
#-----------------------------------
if (!$opt_unzip) {
sleep 1;
$patidx = $exp->expect(15, "Verify password:");
if ($patidx) {
sleep 1;
$exp->send("$opt_pass\r");
}
else {
warn "Error - Pattern not found\n";
exit 8;
}
}
$Expect::Log_Stdout = 1;
}
else {
warn "Error - Pattern not found\n";
exit 8;
}
$exp->soft_close();
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Burak Gursoy
Sent: Friday, July 30, 2004 7:26 AM
To: [EMAIL PROTECTED]
Subject: RE: Any way to process passwords in Archive::Zip ????
nope. I'm currently not interested in zip cracking or winzip thingies.
Thanks for the infozip link.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
Willem Hengeveld
Sent: Thursday, July 29, 2004 10:33 PM
To: Burak Gursoy
Cc: [EMAIL PROTECTED]
Subject: Re: Any way to process passwords in Archive::Zip ????
On Thu, Jul 29, 2004 at 08:33:14PM +0300, Burak Gursoy wrote:
> > don't know how to do that with perl.
>
> and... do you know how to do in another language? :) I'm also
interested
in
> this subject but digging google didn't return me any info :(
http://www.info-zip.org/pub/infozip/
download from ftp://ftp.icce.rug.nl/infozip/src/
if you are looking for zip password cracking software:
http://www.elcomsoft.com/azpr.html
or a paper on problems with the new winzip encryption:
http://www.cs.ucsd.edu/users/tkohno/papers/WinZip/winzip.pdf
willem
_______________________________________________
Perl-Win32-Users mailing list
[EMAIL PROTECTED]
To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
_______________________________________________
Perl-Win32-Users mailing list
[EMAIL PROTECTED]
To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
_______________________________________________
Perl-Unix-Users mailing list
[EMAIL PROTECTED]
To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
