zip password - Forum


zip password

Hi,

I have a zip file protected with a password, and the app I make with VisualNEO must unzip some files from that zip file.

But some people are able to find the password of the zip file.

How is that possible?

Does VisualNEO Win save the password somewhere, or ...?

I also set encrypt when compiling the app. So is VisualNEO not safe, or is something else the problem?

Hello,

Did you use Encryption-Method AES_XXX?

When you use PkZip then the standard zip-password is used. And this is known for weak protection.

When you need better security use AES_XXX.

Regards

Hans-Peter


Yes, I use AES256 and encrypted with 7zip and put a long complex password.

But I don't think it's a zip file problem, because they reach the zip password in less than a minute :(

Hello,

Can you research how they reach the password?

Did they hack the zip or do they extract it from the VNW EXE ?

Do you call any external script files? (So they can change the script content?)

Regards

Hans-Peter

 

Hi, thanks for helping.

Sorry, I can't know how they reach the password,

and I did not call any external script files,

just the simple extract zip command that is in the VisualNEO actions.

But now I put the zip contents in embedded files to be secure.

I just want to know now: can they reach the embedded files?

I set encrypt source and compress with UPX also.

Every defense is cracked. But will this product be of interest for hacking?

 

Hello,

just simple extract zip command that are in visualneo actions

You can try to open the EXE in a good editor and search the string of the zip-command.

If you find something readable, that may be a bug.

You may then modify your zip-command to not use the password in that line. Take it from a variable which gets set at a totally different place. And there are tricks to hide input. Example "AAA" can be "[#65][#65][#65]".

There may be other options to encrypt a password.

Regards

Hans-Peter
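
The check described in the post above (open the EXE and search for the zip-command string), as an added example that is not part of the original thread and is not VisualNEO code: it searches a build for a known secret in several byte encodings, including the "[#65]" character-code form from the post. How VisualNEO stores action text is not stated on this page, so the set of encodings is an assumption, and SAMPLE is a constructed byte string.

```python
import base64
import sys

def encodings_of(secret):
    """Byte forms in which a literal may sit in a compiled EXE (assumed set)."""
    raw = secret.encode("utf-8")
    return {
        "ascii/utf-8": raw,
        "utf-16le": secret.encode("utf-16-le"),
        "utf-16be": secret.encode("utf-16-be"),
        "base64": base64.b64encode(raw),
        "hex": raw.hex().encode("ascii"),
        # The "[#65][#65][#65]" style from the post, if stored as written.
        "char-codes": "".join(f"[#{ord(c)}]" for c in secret).encode("ascii"),
    }

def find_secret(blob, secret):
    """Return (encoding, offset) for every place the secret is readable."""
    if not secret:
        raise ValueError("secret must not be empty")
    hits = []
    for name, needle in encodings_of(secret).items():
        pos = blob.find(needle)
        while pos != -1:
            hits.append((name, pos))
            pos = blob.find(needle, pos + 1)
    return hits

# Constructed sample standing in for an EXE: one UTF-16LE literal and one
# character-code literal surrounded by filler bytes.
SAMPLE = (b"\x00MZ" + b"\x90" * 8 + "S3cret!".encode("utf-16-le")
          + b"\x00pad" + b"[#65][#65][#65]" + b"end")

if __name__ == "__main__":
    # Usage: python find_secret.py <your-build.exe> <password-to-look-for>
    if len(sys.argv) == 3:
        with open(sys.argv[1], "rb") as fh:
            data, secret = fh.read(), sys.argv[2]
    else:
        data, secret = SAMPLE, "S3cret!"
    for name, offset in find_secret(data, secret) or [("not found", -1)]:
        print(f"{name}: offset {offset}")
```

A clean result only means the secret is not present in these forms in the file on disk; a UPX-packed build should also be checked in its unpacked form.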


@emile

If your project allows it, it is better not to store the password, but only the hash of it. And when checking the entered password, check the hash of the password.


The project does not have password entry.

I just want the content of the zip to be safe, and just the app can use that zip.

Anyway, I changed the project and added files embedded inside the project. I hope it is safe this time.

Thanks for the help.

Hello,

It would be important to know if anyone is able to decrypt the encrypted action code from an EXE.

That would allow those people to steal your code.

So any information on how it is done can be helpful.

So how did you know that they need only minutes to hack your zip-command?

Regards

Hans-Peter


Hi,

A few days ago I published my project somewhere,

and after a few minutes I saw someone send me the zip password I use in the project.

I changed the zip password to a stronger password and published again,

but he sent me the new password in less than a minute.

...

And I am sorry, I can't know how they reach the password.

That guy is not available.