Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Attempting to unzip password protected archives with known passwords #490

Open
rickyboone opened this issue Jun 3, 2020 · 1 comment
Open

Attempting to unzip password protected archives with known passwords #490

rickyboone opened this issue Jun 3, 2020 · 1 comment
Labels
enhancement

Comments

@rickyboone
Copy link

A feature to attempt to unzip password protected files using a known list of password, or a password that could be extracted from the message, would be interesting. I'm seeing a recent wave of malware that is being spread using password protected ZIPs, which I block by default, but then I go through and have to determine if it is a legitimate message, if there is a password in the message that could be used to scan the file, etc. From what I've seen, a significant number of these malicious password protected ZIPs use the same or limited set of passwords (though I expect that to change as things often do).

Just brainstorming, but it might be a useful function in some cases/environments.
@shawniverson
Copy link
Member

This is an interesting idea, especially considering the malicious actor would need to supply the password, which is typically done in the message itself.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rickyboone @shawniverson