  • Known plaintext attack

    When you find a password-protected ZIP/RAR file in the evidence, you may try a dictionary attack, a brute-force attack, or rainbow tables... Usually those attacks take a very, very long time and end in failure. What will you do then? Allow me to remind you that there is still one thing you can do: a "known plaintext attack".

    What is a "known plaintext attack"? Let's say you use a ZIP/RAR archiver to archive some files and set a password to protect the archive. The files in this archive now have something in common: the "key" generated when archiving.

    So we can assume that some of the files in that password-protected ZIP/RAR file are still on the hard drive. We need only one of those files to start a known plaintext attack. Some may say, "I don't know which file is one of them." Fine, all you need to do is gather some documents/pictures that have something to do with our suspect. Use the same ZIP/RAR archiver, of course the same version and the same method, to archive those files you gathered from the suspect's hard drive. Remember: do not set a password!!!

    Now we have two files. One is the password-protected ZIP/RAR file, and the other is the ZIP/RAR file without password protection. Now you can understand why the "known plaintext attack" works: all we have to do is compare these two archive files, and then we can get the key generated in the first place.


    You can use Passware Kit or Advanced Archive Password Recovery to carry out the known plaintext attack. You will be very surprised at how fast it is. It won't take long before you see the result on the screen. To everybody's surprise, it only takes one minute and forty-two seconds.


    Next time you find password-protected ZIP/RAR files in the evidence, don't forget the "known plaintext attack"!!!
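
    To answer the "which file is one of them?" question above, the sketch below (an added example, not from the original post) reads the size and CRC-32 that a traditionally encrypted ZIP still exposes in its central directory and matches them against files recovered from the disk. It skips AES entries, to which the classic ZIP known plaintext attack does not apply; `match_candidates` and `constructed_sample` are hypothetical names, and the sample archive is constructed, not really encrypted.

```python
import io
import zipfile
import zlib

ENCRYPTED = 0x1   # general-purpose flag bit 0: entry is encrypted
AES_METHOD = 99   # WinZip AES marker in the compression-method field


def match_candidates(archive, candidates):
    """Map encrypted entries to candidate files with the same size and CRC-32.

    archive: path or file object of the protected ZIP.
    candidates: {label: bytes} of files recovered from the disk image.
    """
    index = {(len(data), zlib.crc32(data)): label
             for label, data in candidates.items()}
    hits = []
    with zipfile.ZipFile(archive) as zf:
        for info in zf.infolist():          # central directory only, no password
            if not info.flag_bits & ENCRYPTED:
                continue                    # entry is not protected
            if info.compress_type == AES_METHOD:
                continue                    # AES entry: CRC may be zeroed, skip
            label = index.get((info.file_size, info.CRC))
            if label is not None:
                hits.append((info.filename, label))
    return hits


def constructed_sample(files):
    """Constructed test input: a stored ZIP whose central-directory entries
    are flagged as encrypted, so its metadata resembles a protected archive."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        for name, data in files.items():
            zf.writestr(name, data)
    raw = bytearray(buf.getvalue())
    cd_start = int.from_bytes(raw[-6:-2], "little")   # EOCD: central dir offset
    pos = raw.find(b"PK\x01\x02", cd_start)
    while pos != -1:
        raw[pos + 8] |= ENCRYPTED           # flag field of a central header
        pos = raw.find(b"PK\x01\x02", pos + 46)
    return io.BytesIO(bytes(raw))
```

    A hit only means that the size and CRC-32 agree; confirm the candidate against the evidence before relying on it as the known plaintext.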

  • Original article: https://www.cnblogs.com/pieces0310/p/4732725.html