Chris Meadors wrote:
Jesper Juhl wrote:
What I'm thinking is; Would it be feasible to add an option to attempt to brute-force-crack the passwords on zip files when scanning them?
I don't think it can be in reasonable time. My 700 MHz machine takes about 15 minutes to crack a .zip when I have a 1k of known plain text. To brute force it takes about a day to run through all valid passwords up to 6 characters. I think ZIP supports around 64 different characters in the password. So it would take around two months to do the complete 7 character set, 8 characters just gets stupid.
How about only trying every word in the mail-body as a key to try, instead of brute-forcing? The virus(-writer) cannot afford to fudge the password in the mail-body: One would hope that the subset of users that is clever enough to reconstruct the password, yet stupid enough to use that to open it, is small enough to make the virus unviable.
Regards. Paul Boven.
------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
