Coder Social home page Coder Social logo

archiver-motw-support-comparison's People

Contributors

nmantani avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar

Forkers

rvrsh3ll yeah9782 superuser5 0xd6cb6d73 msf-ntdll 0xrobert empty2081 pawpatrolryder brianbarakakasamba gmh5225

archiver-motw-support-comparison's Issues

Supported vs. Enabled

From the perspective of an attacker, if a software supports MOTW propagation, but it is not enabled by default, then its users are vulnerable (as noone changes the settings really). E.g. one can assume that 7zip does not propagate MOTW, even tho it supports it.

Id recommend to have two rows:

  • MOTW propagation supported: Y/N
  • MOTW propagation by default: Y/N

WinRAR and MOTW

According to Eugene Roshal (WinRAR's author), WinRAR sets MOTW for Office formats, but not other types, because it was causing problems with some installers:

image1

Hello,

It is intentional. Beginning from WinRAR 5.20 we set it only
for MS Office file formats.

Some installers failed to work properly after assigning this stream
and it hurt WinRAR reputation rather badly. For example, search for
"Download 7Zip (I previously had winrar)" here:

https://rog.asus.com/forum/showthread.php?36977-How-to-Install-Ai-Suite-3!-(For-People-Who-Cannot-install-the-new-AI-Suite-3)/page5

Eugene

It appears that at least WinRAR 6.11 doesn't propagate
mark-of-the-web (zone.identifier NTFS stream) when extracting files
from archives downloaded from the internet. Is this intentional?
IIRC, older versions did propagate MOTW.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.