Penetration Testing mailing list archives
Winzip and Due Diligence
From: Matthew Webster <awakenings () mindspring com>
Date: Thu, 8 Mar 2007 15:49:16 -0500 (GMT-05:00)
Folks, I was poking around on Google and noticed there are some tools for cracking WinZip passwords. Does anyone know whether or not these tools also work on AES-256 encryption. My question is academic from a due diligence standpoint. Technically WinZip is FIPS compliant, but if it can be cracked easily, is this something we should really be recommending? Thanks, Matt ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- Winzip and Due Diligence Matthew Webster (Mar 09)
- Re: Winzip and Due Diligence Shreyas Zare (Mar 10)
- Firewall testing tool - name forgotten ... Petr . Kazil (Mar 13)
- RE: Firewall testing tool - name forgotten ... Clement Dupuis (Mar 14)
- RE: Firewall testing tool - name forgotten ... Jeremiah Brott (Mar 14)
- Re: Firewall testing tool - name forgotten ... David Jimenez (Mar 14)
- Re: Firewall testing tool - name forgotten ... crazy frog crazy frog (Mar 18)
- Firewall testing tool - name forgotten ... Petr . Kazil (Mar 13)
- SAP Pen-testing - complexity - first ideas Petr . Kazil (Mar 13)
- Re: Winzip and Due Diligence Shreyas Zare (Mar 10)
- RE: Winzip and Due Diligence Password Crackers, Inc. (Mar 10)