Max File Encryption
From Just Solve the File Format Problem
(Difference between revisions)
Parchivist (Talk | contribs) |
Parchivist (Talk | contribs) |
||
| Line 12: | Line 12: | ||
It used RC4 from v1.1, RC6 from v1.7, and Blowfish from v1.8. | It used RC4 from v1.1, RC6 from v1.7, and Blowfish from v1.8. | ||
| + | |||
| + | Several weaknesses have been found in the embedding part: | ||
| + | |||
| + | * the carrier file contains key components of the program, such as the libraries and public key tokens used, and other artifacts | ||
| + | ** a large number of signatures | ||
| + | ** it is possible to identify key parts of the program source code | ||
| + | * can recover the file size of the unmodified carrier (allows to estimate the size of the embedded content) | ||
== Links == | == Links == | ||
| − | * [https:// | + | * [https://doi.org/10.7717/peerj-cs.7 Forensic analysis of video steganography tools] (mirror [https://www.proquest.com/docview/1956791137 1], [https://www.researchgate.net/publication/345803203_Forensic_analysis_of_video_steganography_tools 2]) - covers v2.0 |
* [https://web.archive.org/web/20121202040547/http://www.softeza.com/fileencryption/index.htm Archived homepage] | * [https://web.archive.org/web/20121202040547/http://www.softeza.com/fileencryption/index.htm Archived homepage] | ||
* [https://web.archive.org/web/20051201080946/http://www.softeza.com/x-exe.htm Archived homepage of X-EXE] | * [https://web.archive.org/web/20051201080946/http://www.softeza.com/x-exe.htm Archived homepage of X-EXE] | ||
Latest revision as of 14:05, 21 October 2023
Max File Encryption (formerly X-EXE) by Softeza is a Win32 program that hides files in other files (generic EOF insertion), encrypts files and creates self-decrypting archives.
It supports archiving multiple files together in all modes.
It used RC4 from v1.1, RC6 from v1.7, and Blowfish from v1.8.
Several weaknesses have been found in the embedding part:
- the carrier file contains key components of the program, such as the libraries and public key tokens used, and other artifacts
- a large number of signatures
- it is possible to identify key parts of the program source code
- can recover the file size of the unmodified carrier (allows to estimate the size of the embedded content)
