If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Display Modes |
#16
|
|||
|
|||
Can .zip files have malware _in their structure_?
On 31/01/2020 03.21, VanguardLH wrote:
"J. P. Gilliver (John)" wrote: .... When document is trying to open a site: Use Trusted/Untrusted List Javascript Enable Javascript Actions = DISABLED ZIP itself has none of this security stupidity. Not all PDF viewers give you these security options, while some just don't support those PDF "features". There are no automatic "features" in a .zip archive file. It's just a file with database structure with records. The archiving program could have a feature that as you hover over a file name, it opens a quickview of it. You would have to extract and run something inside the .zip file for anything to happen. Any vulnerability to the ZIP format would be in whichever viewer you use. That. .... -- Cheers, Carlos. |
Ads |
#17
|
|||
|
|||
Can .zip files have malware _in their structure_?
"Carlos E.R." wrote:
The archiving program could have a feature that as you hover over a file name, it opens a quickview of it. Which is why I mentioned an archive viewer that shows thumbnails of image files within the archive could expose a vulnerability in whatever is the handler to render those thumbnails. Plus, to show a thumbnail of an image file in an archive means having to first extract it, so some viewer could show it. After all, while inside the archive, an image file is no longer an image file. It is encoded using whatever archive format you choose along with whatever compression level you choose and is a record in a database. That record would have to get extracted to be in a file in a format understood by an image viewer. The bits inside the archive are no longer an image, even if you don't compress. Extraction, as you mentioned even if automatic, is when malware could become enabled depending on what handler actually opened the file. 7-Zip doesn't preview image files within the archive. Peazip looks like it does (https://www.peazip.org/screenshots-peazip-1.html), except that is when using its more modern GUI as a file manager (i.e., you enable the thumbnail view in Peazip, but are looking at image files in the OS file system, not inside an archive). When I created a .zip file containing image files, and opened it in Peazip, it would not extract (to temporary folder) the image files to then show a thumbnail for them. It showed a generic image icon for the image files within the archive. |
#18
|
|||
|
|||
Can .zip files have malware _in their structure_?
On 31/01/2020 15.04, VanguardLH wrote:
"Carlos E.R." wrote: The archiving program could have a feature that as you hover over a file name, it opens a quickview of it. Which is why I mentioned an archive viewer that shows thumbnails of image files within the archive could expose a vulnerability in whatever is the handler to render those thumbnails. Plus, to show a thumbnail of an image file in an archive means having to first extract it, so some viewer could show it. After all, while inside the archive, an image file is no longer an image file. I was thinking of previews of any file contained in the zip archive, no matter what. Can be an office file, for example. No, I do not know any zip archiver that does this, but there might be one. It is encoded using whatever archive format you choose along with whatever compression level you choose and is a record in a database. That record would have to get extracted to be in a file in a format understood by an image viewer. The bits inside the archive are no longer an image, even if you don't compress. Extraction, as you mentioned even if automatic, is when malware could become enabled depending on what handler actually opened the file. 7-Zip doesn't preview image files within the archive. Peazip looks like it does (https://www.peazip.org/screenshots-peazip-1.html), except that is when using its more modern GUI as a file manager (i.e., you enable the thumbnail view in Peazip, but are looking at image files in the OS file system, not inside an archive). When I created a .zip file containing image files, and opened it in Peazip, it would not extract (to temporary folder) the image files to then show a thumbnail for them. It showed a generic image icon for the image files within the archive. -- Cheers, Carlos. |
#19
|
|||
|
|||
Can .zip files have malware _in their structure_?
On 30/01/2020 14:31, J. P. Gilliver (John) wrote:
In message , Paul This is safer, but could be used to hide an executable inside, such as README.txt.exe for usage on machines that have "show file extension" turned off. It still requires the user to double-click on README.txt.exe, when they see README.txt on the screen, but the full filename is not displayed in File Explorer. Agreed. There can still be perils associated with the format that way, which are "normal perils" for a "platform with a bad default for its file explorer program". Displaying the extension should *never ever* be turned off. Just as Totally agree. I'm amazed MS still (AFAIK) have that default (on W10 as well as all previous); whatever one may think of their current morals, I would have thought they'd have changed that one by now - I can't see how it _benefits_ them not to have changed it. Having file extensions displayed apparently scare the non-technical, which is why they are turned off. There used to be times where such folks would accidentality edit one of those and the file would not open, causing weeping and gnashing of teeth. -- Adrian C |
|
Thread Tools | |
Display Modes | |
|
|