Slip – Malicious Archive Generator To Exploit Path Traversal Vulnerabilities

Slip – Malicious Archive Generator To Exploit Path Traversal Vulnerabilities

vPython by Prapattimynk

Slip is a CLI tool to create malicious archive files containing path traversal payloads. It supports zip, tar, 7z, jar, war, apk and ipa archives.Slip makes it easy to create multiple archives contain

Android Android 5.0Cyber sec
( 604 ratings )
Price: $0
File Slip
Publisher Prapattimynk
Genre Cyber sec
File Type Python
Os All
Mod Version Python
Report Report
Slip is the most famous version in the Slip series of publisher
Download

Slip is a CLI tool to create malicious archive files containing path traversal payloads. It supports zip, tar, 7z, jar, war, apk and ipa archives.

Slip makes it easy to create multiple archives containing path traversal payloads in file name fields, rendering the extraction of the archive a potentially dangerous operation. With this approach, it is possible to find and exploit “zip-slip” type vulnerabilities.

Features

Slip is a feature rich script capable of satisfying most “zip-slip” hunting needs, in particular the script:

  • Supports ziptar7zjarwarapk and ipa archives (and every compression algorithm supported by each format)
  • Allows to hunt for both arbitrary file write and arbitrary file read vulnerabilities (using paths or symlinks)
  • Supports multiple payloads of different types (paths/symlinks)
  • Supports the automatic generation of path traversal payloads to look for a file at different “depths”
  • Supports the usage of custom “dotdotslash” sequences
  • Implements a “massfind” mode, that uses a payload dictionary to create the archive


Recommended for You

You may also like

Comments

Your email address will not be published. Required fields are marked *

Next Post X
Ads Blocker Image Powered by Code Help Pro

AdBlocker Detected!!!

We have detected that you are using extensions to block ads. Please support us by disabling these ads blocker.