View Issue Details

IDProjectCategoryView StatusLast Update
0004550Kali Linux[All Projects] Queued Tool Additionpublic2020-04-15 08:29
Reporterkvesel Assigned To 
PrioritynormalSeverityfeatureReproducibilityN/A
Status acknowledgedResolutionopen 
Product Version 
Target VersionFixed in Version 
Summary0004550: zipbrk - exploit/tool for modern systems
DescriptionUpdate for the `zipbrk` exploit/tool for fuzzing the PKZIP file format, and adding support to modify file options to bypass detection (ex. AV Scans, E-Mail filter, etc.) and protect from extraction. Manpages have also been included.
Steps To ReproduceN/A
Additional InformationThe repository for the updated version can be found at: https://github.com/kvesel/zipbrk/

Activities

g0tmi1k

2018-02-21 16:04

administrator   ~0008781

To help speed up the process of evaluating the tool, please make sure to include the following information (the more information you include, the more beneficial it will for us):

- [Name] - The name of the tool
- [Version] - What version of the tool should be added?
--- If it uses source control (such as git), please make sure there is a release to match (e.g. git tag)
- [Homepage] - Where can the tool be found online? Where to go to get more information?
- [Download] - Where to go to get the tool? either a download page or a link to the latest version
- [Author] - Who made the tool?
- [Licence] - How is the software distributed? What conditions does it come with?
- [Description] - What is the tool about? What does it do?
- [Dependencies] - What is needed for the tool to work?
- [Similar tools] - What other tools are out there?
- [Activity] - When did the project start? Is is still actively being deployed?
- [How to install] - How do you compile it?
--- Note, using source code to acquire (e.g. git clone/svn checkout) can't be used - Also downloading from the head. Please use a "tag" or "release" version.
- [How to use] - What are some basic commands/functions to demonstrate it?

kvesel

2018-02-21 18:29

reporter  

zipbrk.c (13,906 bytes)

kvesel

2018-02-21 18:29

reporter   ~0008786

- [Name] - Zip Break / zipbrk

- [Version] - 2.1.1b (Master)

- [Homepage] - http://kat.sdf.org/

- [Download] - https://github.com/kvesel/zipbrk OR http://kat.sdf.org/zipbrk.c

- [Author] - kat will suffice

- [Licence] - as-is, free usage

- [Description] - It modifies zip files for various purposes to include bypassing anti-virus detection, bypassing e-mail filters, modifying the integrity checks, and encryption settings.

- [Dependencies] - a C compiler and supporting operating system

- [Similar tools] - same thing, multiple different file and author names (zipbrk and zipbrk2 are variants)

- [Activity] - 2004ish initial release, rereleased in in 2017 with 64-bit support, feature extensions, and included a working manpage

- [How to install] - gcc -o zipbrk zipbrk.c

- [How to use] -

zipbrk file.zip --encryption-unset
Change the encryption flag to show the zip is unencrypted (whether the contents are actually encrypted or not). In contrast, --encryption-set performs the opposite operation. The -e and -de flags alternatively be used.

zipbrk file.zip --xor-crc32
XOR the current CRC32 values for each file against a hash generated from a user-provided password. Most zip programs will fail to attempt in opening the zip file contents because it will believe the contents are damaged.

zipbrk file.zip --signature-spoof
Modify the magic number of the zip file so filters and other software will incorrectly assume the file is not a zip file format, and will fail to extract or check the contents.

zipbrk file.zip --zero-date --zero-time
Strips the date and time information from the archived files to assist in sanitising the zip file contents of some identifying information.

kvesel

2018-02-21 18:30

reporter  

zipbrk.1.gz (595 bytes)

kvesel

2018-02-21 18:32

reporter   ~0008787

I uploaded the source and manpage as well to bug tracking.

g0tmi1k

2018-02-22 18:02

administrator   ~0008792

Please could you tag the release: https://github.com/kvesel/zipbrk/releases

kvesel

2018-02-22 21:47

reporter   ~0008793

Yes thank you it is done.)) https://github.com/kvesel/zipbrk/releases/

g0tmi1k

2020-02-25 13:31

administrator   ~0012343

@kali-team, please could this be packaged up.
@author, If you want to help the packaging process, you can check the documentation here ~ https://www.kali.org/docs/development/public-packaging

kvesel

2020-04-15 07:49

reporter   ~0012624

@g0tmi1k ok, i am working on the package, should i move the code/project to gitlab as well?

g0tmi1k

2020-04-15 08:29

administrator   ~0012625

Up to you! We don't mind.

Issue History

Date Modified Username Field Change
2018-02-21 15:57 kvesel New Issue
2018-02-21 16:04 g0tmi1k Product Version 2018.1 =>
2018-02-21 16:04 g0tmi1k Summary Update to `zipbrk` exploit/tool for modern systems => zipbrk - exploit/tool for modern systems
2018-02-21 16:04 g0tmi1k Note Added: 0008781
2018-02-21 18:29 kvesel File Added: zipbrk.c
2018-02-21 18:29 kvesel Note Added: 0008786
2018-02-21 18:30 kvesel File Added: zipbrk.1.gz
2018-02-21 18:32 kvesel Note Added: 0008787
2018-02-22 18:02 g0tmi1k Note Added: 0008792
2018-02-22 21:47 kvesel Note Added: 0008793
2020-02-25 13:31 g0tmi1k Status new => acknowledged
2020-02-25 13:31 g0tmi1k Category New Tool Requests => Queued Tool Addition
2020-02-25 13:31 g0tmi1k Note Added: 0012343
2020-04-15 07:49 kvesel Note Added: 0012624
2020-04-15 08:29 g0tmi1k Note Added: 0012625