Created
December 29, 2018 16:34
-
-
Save beyondlimits/6ac62f45cd8319b591b1252ff634bf71 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| File list can be obtained by running either: | |
| 7z l FILE (for a short list) | |
| 7z l -slt FILE (for a long list) | |
| Examination of the outputs of both commands led to following observations: | |
| - Both commands produce output with common header when run with the same | |
| archive file using the same version of 7-Zip. | |
| - Both commands may produce output with common footer (e.g. warnings). | |
| - By keeping both outputs in sync, it is possible to extract the middle | |
| (files) part. This approach should work mostly reilably. | |
| - Output produced by 7-Zip 16.02 is vulnerable to embedded new-line | |
| characters. Therefore keeping short and long list in sync is essential | |
| for improved reliability. | |
| - Output produced by 7-Zip 18.05 is still vulnerable in header part | |
| (comments), but in files part problematic characters are replaced by | |
| underscore. Although the output is still not perfect, it can be used | |
| to help find lies in list produced by 7-Zip 16.02. | |
| - Header may contain fields that may contain new-line characters | |
| (e.g. Label, Comment). Although Comment seems to be mostly the last | |
| thing, it can get mixed with optional parts of the header with makes | |
| it technically undistinguishable. | |
| - A line must contain ' = ' substring to be considered a key-value pair. | |
| - When a key-pair line (without trailing new-line character) is split into | |
| pieces, no trimming should be performed on any of them. | |
| - Archive information is stored in header which consists of: | |
| string '--' | |
| set of key-value pairs | |
| optionally | |
| string '----' | |
| set of key-value pairs | |
| string '--' | |
| set of key-value pairs | |
| empty line | |
| - Final set of header's key-value pairs seems unified. | |
| - Short file list begins with | |
| string ' Date Time Attr Size Compressed Name' | |
| string '------------------- ----- ------------ ------------ ------------------------' | |
| - Short file list ends with | |
| string '------------------- ----- ------------ ------------ ------------------------' | |
| summary | |
| optional extra information | |
| - Long file list begins with | |
| string '----------' | |
| - Entry of long file list consists of: | |
| set of key-value pairs | |
| empty line | |
| - Synchronization of short and long list: | |
| $filename is a file name which may contain new-line characters. This is | |
| also the point where the parsing program should start comparing bytes in | |
| both list. Every equal byte should be considered a part of file name. | |
| The first difference should be considered the first byte that is not part | |
| of file name and synchronization should be stopped until the next entry. | |
| Note that file name will contain new-line character and the ehd which is | |
| supposed to be stripped off to obtain the real file name. | |
| Sample entry of short list: | |
| 2018-12-09 19:09:41 .R..A 109198568 302090359 $filename | |
| Sample entry of long list: | |
| Path = $filename | |
| Size = 109198568 | |
| Packed Size = 302090359 | |
| Modified = 2018-12-09 19:09:41 | |
| Attributes = RA_ -r--r--r-- | |
| CRC = 57ABEFFB | |
| Encrypted = - | |
| Method = LZMA2:26 | |
| Block = 0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment