Slip is a CLI tool to create malicious archive files containing path traversal payloads. It supports zip, tar, 7z, jar, war, apk and ipa archives.
Slip makes it easy to create multiple archives containing path traversal payloads in file name fields, rendering the extraction of the archive a potentially dangerous operation. With this approach, it is possible to find and exploit “zip-slip” type vulnerabilities.
Features
Slip is a feature-rich script capable of satisfying most “zip-slip” hunting needs. In particular, the script:
- Supports zip, tar, 7z, jar, war, apk and ipa archives (and every compression algorithm supported by each format)
- Allows hunting for both arbitrary file write and arbitrary file read vulnerabilities (using paths or symlinks)
- Supports multiple payloads of different types (paths/symlinks)
- Supports the automatic generation of path traversal payloads to look for a file at different “depths”
- Supports the usage of custom “dotdotslash” sequences
- Implements a “massfind” mode that uses a payload dictionary to create the archive
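On the extracting side, the payload types listed above (traversal sequences and symlinks in entry names) can be caught before anything is written to disk. The following is an added example, not part of Slip: a pre-extraction audit for zip and tar data, where the function names and the small in-memory sample archives are constructed for illustration.

```python
import io, posixpath, stat, tarfile, zipfile

def escapes_root(path, base=""):
    """True if path, resolved from base inside the archive root, leaves that root."""
    p = path.replace("\\", "/")  # backslash variants count as separators too
    if p.startswith("/") or (len(p) > 1 and p[1] == ":"):
        return True  # absolute path or drive letter
    norm = posixpath.normpath(posixpath.join(base, p))
    return norm == ".." or norm.startswith("../")

def audit_zip(data):
    """List (entry name, reason) for suspicious zip entries without extracting."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if escapes_root(info.filename):
                findings.append((info.filename, "path escapes extraction root"))
            if stat.S_ISLNK(info.external_attr >> 16):  # Unix mode bits
                findings.append((info.filename, "symlink entry"))
    return findings

def audit_tar(data):
    """List (entry name, reason) for suspicious tar members without extracting."""
    findings = []
    with tarfile.open(fileobj=io.BytesIO(data)) as tf:
        for m in tf.getmembers():
            if escapes_root(m.name):
                findings.append((m.name, "path escapes extraction root"))
            if m.issym() and escapes_root(m.linkname, posixpath.dirname(m.name)):
                findings.append((m.name, "symlink target escapes extraction root"))
            elif m.islnk() and escapes_root(m.linkname):
                findings.append((m.name, "hardlink target escapes extraction root"))
    return findings

def constructed_samples():
    """Constructed inputs: a zip with a traversal name, a tar with an escaping symlink."""
    zbuf = io.BytesIO()
    with zipfile.ZipFile(zbuf, "w") as zf:
        zf.writestr("docs/readme.txt", "ok")
        zf.writestr("../../tmp/placeholder.txt", "x")
    tbuf = io.BytesIO()
    with tarfile.open(fileobj=tbuf, mode="w") as tf:
        link = tarfile.TarInfo("docs/link")
        link.type, link.linkname = tarfile.SYMTYPE, "../../outside"
        tf.addfile(link)
    return zbuf.getvalue(), tbuf.getvalue()

if __name__ == "__main__":
    z, t = constructed_samples()
    print(audit_zip(z), audit_tar(t))
```

An upload handler would reject the archive when either audit returns a non-empty list, and still extract into a dedicated directory with symlink creation disabled.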