📚 Quickpost: ClamAV and ZIP File Decryption
💡 Newskategorie: IT Security Nachrichten
🔗 Quelle: blog.didierstevens.com
While reading-up on ClamAV and YARA, I came across something I wanted to try for some time: have ClamAV decrypt and scan a password protected ZIP file. It can be done by creating a .pwdb password signature file, as explained in section 3.12 of Creating signatures for ClamAV. I created one signature for password “infected”: […] ...