lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: visitbipin at (bipin gautam)
Subject: Antivirus/Trojan/Spyware scanners DoS!

> Hello everybody,
> I wounder how many Antivirus/Trojan/Spyware scanners
> will choak to death while having a manual scan of
> the
> file:
> I was woundering, what would be the results if such
> file gets stucked in an "AV gateway" (O;
> please, report your findings..... 
> regards,
> Bipin Gautam

These are the recent findings, Please participate in
the discussion.

* KAV successfully passes the test! [Confirmed]

Well I find, both norton antivirus 2002 & norton  2003
first try to extract the zip file..... [note: each ~.*
is a compressed 12 GB file] fo it will [
guessed it..... DoS] Norton Antivirustakes
considerable amount of time to scan .cab files.

I tried.......
It took for ever.... [I stopped or i might have
crassed the server]

I've tried to scan those .bz2 files with Mcafee, it
does choak for a while but it went through.

If you have Autometically 'quarentine/delete' option
set for your AV scanner and it detects a virus "ercata
test virus" inside the rar file. The AV will suffer a
DoS while extracting the .rar files.

-> Has any one tried it for trojan/spyware scanners
that scan inside compressed files???

* Winxp default zip manager just report the 12Gb zip
file to be 121 Mb!???
* Winrar [3.20] can show the size of .bz2 files and
winrar just report is 128 Mb but it start
filling up the hdd. to 12 Gb if you try to extract the
*If we try to extract the 12 Gb [Standalone] file in
Fat32 tries to extract the 12 Gb file and terminate
extraction after 4Gb [fat32 limit] I wounder, why in
the 1'st place would Winrar allow to extract a 4+ Gb
[single] file in Fat 32.

Bipin Gautam

Ps: Please, reply with the version No. of the AV.
scanner that you are using. If anyone of you have a
test PC please test the file using the online virus
scanners available at :

Do you Yahoo!?
Friends.  Fun.  Try the all-new Yahoo! Messenger. 

Powered by blists - more mailing lists