Several years ago I was collecting materials forWinamp Skin Museum, and some of the files seemed damaged to me. I decided to explore them, and it turned out, that in fact these skins are just zip files with a different extension. What will happen, if you extract these files? O, what's not there!
So, I managed to find:
- Encrypted files, which I managed to hack and find out their secrets.
- A gift, which a father from Thailand made for his two-year-old son.
- Someone's email password.
- The Secret Biography of Chet Baker.
- Mysterious audio files in reverse order.
- A file called worm.exe, which contained a big surprise.
- Lots of random images and files.
- 56 previously unknown Winamp skins, hidden inside other Winamp skins!
First things first...
First corrupted file, which I looked through, contained only a PDF file with advertising. Someone was renting out a bowling pin costume.:
The other file was called bobs_car.wsz and, as stated, contained a photograph of that same “Bob’s Car”, I guess.
But then things got more interesting. I found one file, which was an encrypted zip archive.
Taking this opportunity, I studied tools for guessing passwords in zip files. Soon I managed to crack this archive, and that's what happened there:
Another file was created by a father from Thailand, who mocked up a Winamp skin in Adobe Illustrator for his two-year-old son. The man didn't know, how to turn your mockup into a skin, so he sent it towinamp.com, attaching a letter to the layout with a request to make a skin out of it, which he could use. The letter was very touching, but he asked not to share the skin publicly, so I won't post it.
Next I found another encrypted zip file. This time the password was not in my word list. After fiddling a bit with the hacking tool's configuration file, I was able to hack it too. The result was a working Winamp skin!
I have uploaded the decrypted versionhere.
Then I became interested, what other sensitive information could be included in the skin files. So I started searching the files for everyoneskins Winamp things like that, as "password".
I found one with a file called, E-mail passwords.txt, which contained... email address and email password! Somehow unsafe.
Another skin contained a text file with hundreds of empty lines, and then, at the very bottom, text:
YOU HAVE FOUND THE SUPRISE!!!
USE THIS PASSWORD:KEWL16
(You have found a SURPRISE!!!
Use a password: KEWL16)
There was a Suprise file inside the skin!.zip, which was encrypted, but the password didn't work! In the end I realized, that the password must be in lowercase. There was a bunch of .avs files inside:
And in this skin there was a file called secret.txt. There was a biography insideThe Baker couple.
Some skins included mp3 files:
sqlite> SELECT skin_md5, file_name FROM archive_files WHERE file_name LIKE “%.mp3”;105a63846a068bcd2199f3921c006c99|winampme/MSNet d�marrage Win-Me.mp3125a87ff1e2b7bce537aa3126b1a80d8|cool.mp3329105cd7d11d3ec1236a7333a6b46e9|WILLIAM/Winamp Skin/MegaMan/Megaman/[MegaMan X] – X Theme.mp357a98f6b68236dd22a006fc8171f94b5|SPARKY.MP37653b2504bc3d9404a17c8eca7ba71af|Knuckle-Duster/hagmans_demo.mp386080023e53a798ccda91109d33abeb7|arrrrrrg.mp39f9c65a5d416d1a97f18dd8488e8cf7b|Blair Amp Project f/Heather_Sorry.mp3a5a3a08340feb5dae3aa87af698b0654|cool.mp3b6a51893dde10f4bcbee50a1fa24b217|(Adam Sandler – Billy Madison – Back 2 School).mp3b6a51893dde10f4bcbee50a1fa24b217|(Mike Myers – Huge Head).mp3b6cf670eb351e2e76f9048a25aeb639d|Diablo.mp3b8ba93a4d427d8fd4f4c5fba7bcba627|BROTHEL – Breathe Swallow.mp3b8ba93a4d427d8fd4f4c5fba7bcba627|BROTHEL – Fuck That Noise.mp3b8ba93a4d427d8fd4f4c5fba7bcba627|BROTHEL – SunScreen2000.mp3c647cd24f5809664e0d2e210a68310c1|SKATEBOARDING – Osiris ShoesTheme.mp3c9b348ae2b93471b76ee2634a12d1dce|The Mark, Tom and Travis show/Blink 182 – Dammit (Sample).mp3d54e166f5227967e153ec40783473c0b|cos-xenu.mp3d54e166f5227967e153ec40783473c0b|lrh-xenu.mp3e47edeecb002afecf1b30ebab8c8d1e9|Destroy v2.0.mp3fcf17a808fdb485bb3e95a64debea848|Diablo.mp3
This skin included a file called Sovergein Sect.wav.
While listening, I got the feeling, that the file is played in reverse order, so I reversed the audio file. It seems, that someone says the name of the skin and some other information.
A few days later I found the skin, containing only one file: WORM.EXE Sounds dangerous!
I fed it to Virus Total, but he didn't find any problems. Someone on the Webamp Discord bravely tried to run it on a virtual machine and received the following message:
It was a game, snake-like!
Here's the top speed:
Another skin included only one file, Standing around the hoop.jpg
And in another file there was a picture ellie.bmp This, I guess, Ellie?
The next one contained two photographs of a newborn and a text file:
Here are some photos of the baby at home.
Joe
Finally, I decided to look for skins, containing other skins, and discovered 127 things! 54 none of them have been to the skin museum yet, so I uploaded them there.
Fun, what interesting and strange things, left by different people, can be found, if you dig a little.