If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Display Modes |
#16
|
|||
|
|||
Trying to send email to myself with zip attachment
On 15/03/2018 13:09:52, R.Wieser wrote:
Mick, I have tried emailing to my own gmail account and so far I have not been able to circumvent their security. Checking for double messages ? Just add some random data into the (re)send message. Most likely even a counter will do. Checking if the send files are "dangerous" ? Change the first few bytes in the (executable or ZIP, etc) file (take any hex editor and add one to each letter A-B, B-C, etc. See Napoleons ring for that - and our modern ROT13 "encryption") so the file ID becomes unrecognisable (but reversable)*. Ofcourse, by editing them that way your ISP gets exactly what it wants: The considered-to-be-noobs on the other side (in this case: yourself) will not be able to simply double-click and run them. :-) *with just a little bit of luck you could do that with some VBScript or alike - as long as it can handle binary data. Regards, Rudy Wieser I am not that bothered Rudy, with messing around for something I will not use very often. I was just trying out of curiosity. If I need to send a file that gmail throws out there are other ways to get that file to its destination. -- mick |
Ads |
#17
|
|||
|
|||
Trying to send email to myself with zip attachment
On 15/03/2018 13:41:05, Paul wrote:
mick wrote: On 15/03/2018 02:43:24, David E. Ross wrote: On 3/14/2018 10:54 AM, mick wrote: On 14/03/2018 17:29:52, Moz wrote: gmail account using thunderbird latest. Will NOT use google cloud to do this ! trying to send a zip file to myself so I can get it remotely but Tbird or provider or ???? keeps reporting that is is a security risk. Hey I a sending it to myself ! so how do I do this ? I renamed it several ways but it still did not go. What is the trick ? remove .zip when sending then add it back on when you receive it, or rename .zip to jpg then rename at the receiving end. That is exactly what I did when I had the same problem. Just be sure that the covering E-mail message tells the recipient how to restore the correct extension. That works with private email addresses but not with gmail, google throws it out every time whatever extension is added or disguise adopted. The OP is using gmail which I did not notice on my first reply. I have tried emailing to my own gmail account and so far I have not been able to circumvent their security. Did you try crypto ? Just curious. And I'm not talking about the password on ZIP. Some earlier version of ZIP, you could crack the password in no time. Might not even be considered cracking as such. There's GNUPG. https://www.glump.net/howto/cryptogr...ard-in-windows And a sanitized version with seemingly no options (back when I tried it). This compresses your file first, before applying something like RSA2048. https://www.gpg4win.org/download.html Now, what I prefer myself, is something lighter weight. A "reversible transform" is some simple function you cook up, such that if it's applied twice, the original data comes back. Say for example, we reverse the letters in "Paul" and make "lauP". Now, some form of automation, not designed for this sort of thing, will simply conclude the file is "data". Whereas a human reading the file, will recognize the transform and undo it, or find a tool to undo it. Even using a transform of your own making, written in some language, might work against the gmail attachment scanner. ******* And there are concepts like this, where transmission to yourself is a perfect application for it. https://en.wikipedia.org/wiki/One-time_pad You can make a random file with this. Here, I decide I need a 31,415,926 byte random file. We're not really all that worried about cryptographic perfection here, because this is merely a demo. Humans are not involved. The NSA isn't trying to crack this. dd if=/dev/random of=random.bin bs=31415926 count=1 Now, all we need is a program to XOR two files. http://www.nirsoft.net/utils/xorfiles.html That's actually a GUI program, which access two input filenames and one output filename. Just don't type a drive letter into the box for the destination. Enter your destination filename only ("send.bin") and select the drive letter using the Browse button. You make random.bin the same length as the number of bytes in the message. message.bin = 31,415,926 bytes You make up a random.bin the same length, as in the example above with "dd.exe". Then, using Nirs XORFiles (making sure the two files are the same length, for fewest surprises!!!) message.bin XOR random.bin == send.bin And that's the file you attach to your Gmail. Later, the recipient of the message (with random.bin file in hand) does send.bin XOR random.bin == got_your_message.bin It's a reversible transform, as long as you have the random.bin in hand. In a perfect world, you make a different random.bin for every message sent. And you "sneakernet" the random.bin to the recipient at some point. When sending to yourself, the random.bin is already in your hand. Suitable for the purpose of proving Gmail can't crack it. There *are* email services that will not forward things they can't snoop, so there's always that part of it. I don't know if Gmail is like that or not, whether they would stop crypto transmissions or not. Paul Thanks for the suggestions Paul. As I replied to Rudy. I am not that bothered with messing around for something I will not use very often. I was just trying out of curiosity. If I need to send a file that gmail throws out there are other ways to get that file to its destination. -- mick |
|
Thread Tools | |
Display Modes | |
|
|