Author Topic: a bug in winxp default zip manader...  (Read 1015 times)

hUNT3R

  • Newbie
  • *
  • Posts: 10
  • Kudos: 0
a bug in winxp default zip manader...
« on: 20 April 2003, 18:39 »
bug in winxp default zip manader...
||| I AM VERY SORRY FOR MY POOR ENGLISH |||

a copy of this file have been forwarded to microsoft too...

READ the instruction carefully/throwely

live demonstration ....

http://www.geocities.com/visitbipin/winxp_zip_bug.zip

bug in ... windows default zip manager...

ok look at a bat program ...

_________________________
cd\
c:
cd\
:hel
md 1
cd 1
goto hel

__________________________

and another batch program...in c drive root...

md 3
cd 3
md 3
cd 3
md 3
cd 3
md 3
cd 3
md 3
cd 3
md 3
cd 3
md 3
cd 3
md 3
cd 3
md 3
cd 3
md 3
cd 3
md 3
cd 3
md 3
cd 3
md 3
cd 3
_____________

ok ... the actual bug is... as you know as in the batch program at the top...most ... windows create a directory... after another ... after another... and so on... contniously to about 120 subfolder's and can't create any more... dir's so it ends with error >>> 'can't create to file specified... or....??? look yourself
then look around the 2nd batch program...


it creates many foders ...in a folder ... and agasin in a folder.... several times.... right ...

here the exploit begin's.....

WINDOWS DEFAULT ZIP MANAGER CAN'T EXTRACT FOLDER'S HAVING MORE THAN 120 SUB DIRECTORIES... AND IF IT HAS TO... IT ASSUMES AS IF IT IS PASSWORD PROTECTED AND ASKES FOR PASSWORD ... EVEN WHEN NO PASSWORD IS SET... ((( so the job can't be accomplished)))

DEMONSTRATION:
open the zip file...(exploit demonstration) and click the batch file "click_me_first.bat " it creates20 dirs...named 1 right...

then open the 20 th sub folder... the last one... \1\1\1\1..\ .............. and so on ...>>> the 20th subfolder...

now poen the batch file named .... copy_me.bat

it will create 120 folders named 3 ....and start error... so stop the bath job aster windows can create no more dir's

now zip the dir named 3 ...>>> with winxp default zip manager ....( the dir named3 has 120 subfolder's in it...RIGHT ... ) and copy it to the 20th folder (sub-directory) of the directory named 1... and now man try extracting the dirfrom there ....


i mean....

the folder named 1 is in c:\ (root ) ... it has 20 subdirectories in it..... go to the 20th directory (the last one ) ... and copy the zip file that has 120 folders >>> subdir's in it.... right ???

and try extraching the file from there ... with winzp default zip manager... you will be soon asked for ... enter passowrd... ???
but you haven't set any password... nowhere right....

its because of the very long... directories length ... 20 +120 dirs from your root... so winxp can't extract the file and the default zip manager assumes it to be password proteced ... and halts and askes for password....
---------------
trust me this trick could be used to fool brutal force softwares too...
| .o