- A lot of jargon I don’t really understand, but the technical skill on display here is very impressive!
- GPU farm to recover $300k in bitcoin from an encrypted ZIP archive.
- IDA Pro
- Lattice reduction
- Meet-in-the-middle attack
After the header is decrypted, the last 1 or 2 bytes in Buffer SHOULD be the high-order word/byte of the CRC for the file being decrypted, stored in Intel low-byte/high-byte order. Versions of PKZIP prior to 2.0 used a 2 byte CRC check; a 1 byte CRC check is used on versions after 2.0. This can be used to test if the password supplied is correct or not.