|
Posted by Bakko on January 13, 2008, 12:48 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>> I would like to know if a self extracting EXE has any weaknesses
>> compared to a ZIP (when both are encrypted).
>
>
> The contents (payload) first get zipped using the encryption. Then
> a wrapper is used which is the .exe file. There isn't any
> protection on the wrapper. Anyone can run it. However, they will
> still get queried for the password to decrypt the payload - the
> same password that must be used if all that got delivered was the
> .zip payload. Whether you use a separate unzip utility, like
> Winzip, 7-Zip, UltimateZip, or you use a wrapper .exe that was
> included in the delivery, the payload is just as encrypted.
>
> The .exe wrapper isn't what gets protected. It's the .zip payload
> that is encrypted. The wrapper is literally just tacked on with
> the payload as a huge data section of the program.
>
Vanguard, that's a very useful reply. Thanks.
I understand there is (1) a wrapper and (2) a payload.
Where does it keep the routine for testing the user-entered key?
Is the key-test actually a part of the payload or is the key-test a
third component (which is accessed by the dialog/prompts of the
wrapper)?
| 
XML site map