Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ptoomey3/evilarc
Create tar/zip archives that can exploit directory traversal vulnerabilities
https://github.com/ptoomey3/evilarc
Last synced: 2 days ago
JSON representation
Create tar/zip archives that can exploit directory traversal vulnerabilities
- Host: GitHub
- URL: https://github.com/ptoomey3/evilarc
- Owner: ptoomey3
- Created: 2011-02-27T22:50:49.000Z (almost 14 years ago)
- Default Branch: master
- Last Pushed: 2021-06-03T13:36:21.000Z (over 3 years ago)
- Last Synced: 2024-12-03T18:23:21.722Z (10 days ago)
- Language: Python
- Homepage:
- Size: 188 KB
- Stars: 981
- Watchers: 15
- Forks: 182
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - ptoomey3/evilarc - Create tar/zip archives that can exploit directory traversal vulnerabilities (Python)
README
# evilarc
## Purpose
evilarc lets you create a zip file that contains files with directory traversal characters in their embedded path. Most commercial zip program (winzip, etc) will prevent extraction of zip files whose embedded files contain paths with directory traversal characters. However, many software development libraries do not include these same protection mechanisms (ex. Java, PHP, etc). If a program and/or library does not prevent directory traversal characters then evilarc can be used to generate zip files that, once extracted, will place a file at an arbitrary location on the target system.