slipit is a command line utility for creating archives with path traversal elements.

Related tags

Command-line Toolsslipit
Overview

slipit

slipit is a command line utility for creating archives with path traversal elements. It is basically a successor of the famous evilarc utility with an extended feature set and improved base functionality.

Installation

slipit can be installed via pip by running the following commands:

$ git clone https://github.com/usdAG/slipit
$ cd slipit
$ python3 setup.py sdist
$ pip3 install --user sdist/*

slipit also supports autocompletion for bash. To take advantage of autocompletion, you need to have the completion-helpers project installed. If setup correctly, just copying the completion script to your ~/.bash_completion.d folder enables autocompletion.

Usage

[[email protected] ~]$ slipit -h
usage: slipit [-h] [--archive-type {zip,tar,tgz,bz2}] [--clear] [--debug] [--depth int] [--increment int] [--overwrite]
              [--prefix string] [--multi] [--separator char] [--sequence seq] [--static content] [input ...] archive

slipit v1.0.0 - Utility for creating ZipSlip archives.

positional arguments:
  input                 input files to include into the archive
  archive               target archive file

optional arguments:
  -h, --help            show this help message and exit
  --archive-type {zip,tar,tgz,bz2}
                        archive type to use
  --clear               clear the specified archive from traversal items
  --debug               enable verbose error output
  --depth int           number of traversal sequences to use (default=6)
  --increment int       add incremental traversal payloads from 
   
     to depth
   
  --overwrite           overwrite the target archive instead of appending to it
  --prefix string       prefix to use before the file name
  --multi               create an archive containing multiple payloads
  --separator char      path separator (default=\)
  --sequence seq        use a custom traversal sequence (default=..{sep})
  --static content      use static content for each input file

slipit expects an arbitrary number of input files and the targeted output archive as mandatory command line parameters. All specified input files are appended to the specified archive including a path traversal prefix with a depth specified with the --depth option (default is 6). The targeted archive format is determined automatically depending on the file extension for non existing archives or the mime type for already existing archives. You can also specify the archive type manually by using the --archive-type option.

[[email protected] ~]$ slipit example.zip 
File Name                                             Modified             Size
example/                                       2022-02-02 18:39:00            0
example/images/                                2022-02-02 18:40:16            0
example/images/holiday.png                     2022-02-02 18:40:06        34001
example/images/beach.png                       2022-02-02 18:40:16         2112
example/documents/                             2022-02-02 18:39:48            0
example/documents/invoice.docx                 2022-02-02 18:39:40         3001
example/documents/important.docx               2022-02-02 18:39:48          121
[[email protected] ~]$ slipit test.txt example.zip 
[[email protected] ~]$ slipit example.zip 
File Name                                             Modified             Size
example/                                       2022-02-02 18:39:00            0
example/images/                                2022-02-02 18:40:16            0
example/images/holiday.png                     2022-02-02 18:40:06        34001
example/images/beach.png                       2022-02-02 18:40:16         2112
example/documents/                             2022-02-02 18:39:48            0
example/documents/invoice.docx                 2022-02-02 18:39:40         3001
example/documents/important.docx               2022-02-02 18:39:48          121
..\..\..\..\..\..\test.txt                     2022-02-02 18:40:48           36

slipit expects the specified input files to exist on your local file system and uses the file content of them within the archive. Often times this is not necessary and you just require dummy content to test for ZipSlip vulnerabilities. This is where the --static option can be helpful. When using this option, only the filenames of the specified input files are used within the archive, while their content is set to .

[[email protected] ~]$ slipit test2.txt example.zip --static 'HELLO WORLD :D'
[[email protected] ~]$ slipit example.zip 
File Name                                             Modified             Size
example/                                       2022-02-02 18:39:00            0
example/images/                                2022-02-02 18:40:16            0
example/images/holiday.png                     2022-02-02 18:40:06        34001
example/images/beach.png                       2022-02-02 18:40:16         2112
example/documents/                             2022-02-02 18:39:48            0
example/documents/invoice.docx                 2022-02-02 18:39:40         3001
example/documents/important.docx               2022-02-02 18:39:48          121
..\..\..\..\..\..\test.txt                     2022-02-02 18:40:48           36
..\..\..\..\..\..\test2.txt                    2022-02-02 18:45:22           14

By using the --clear option, you can clear an archive from path traversal payloads.

[[email protected] ~]$ slipit --clear example.zip 
[[email protected] ~]$ slipit example.zip 
File Name                                             Modified             Size
example/                                       2022-02-02 18:39:00            0
example/images/                                2022-02-02 18:40:16            0
example/images/holiday.png                     2022-02-02 18:40:06        34001
example/images/beach.png                       2022-02-02 18:40:16         2112
example/documents/                             2022-02-02 18:39:48            0
example/documents/invoice.docx                 2022-02-02 18:39:40         3001
example/documents/important.docx               2022-02-02 18:39:48          121

slipit also allows to create an archive containing multiple payloads by using the --multi option:

[[email protected] ~]$ slipit test.txt example.zip --static content --multi
[[email protected] ~]$ slipit example.zip 
File Name                                             Modified             Size
C:\Windows\test.txt                            2022-02-03 09:35:28            7
\\10.10.10.1\share\test.txt                    2022-02-03 09:35:28            7
/root/test.txt                                 2022-02-03 09:35:28            7
../test.txt                                    2022-02-03 09:35:28            7
..\test.txt                                    2022-02-03 09:35:28            7
../../test.txt                                 2022-02-03 09:35:28            7
..\..\test.txt                                 2022-02-03 09:35:28            7
../../../test.txt                              2022-02-03 09:35:28            7
..\..\..\test.txt                              2022-02-03 09:35:28            7
../../../../test.txt                           2022-02-03 09:35:28            7
..\..\..\..\test.txt                           2022-02-03 09:35:28            7
../../../../../test.txt                        2022-02-03 09:35:28            7
..\..\..\..\..\test.txt                        2022-02-03 09:35:28            7

Supported Archive Types

Currently, the following archive types are supported (just naming their most common extension):

  • .zip
  • .tar
  • .tar.gz
  • .tar.bz2
You might also like...
cmsis-pack-manager is a python module, Rust crate and command line utility for managing current device information that is stored in many CMSIS PACKs

cmsis-pack-manager cmsis-pack-manager is a python module, Rust crate and command line utility for managing current device information that is stored i

pyocd 20 Dec 21, 2022
Baseline is a cross-platform library and command-line utility that creates file-oriented baselines of your systems.
Baseline is a cross-platform library and command-line utility that creates file-oriented baselines of your systems.

Baselining, on steroids! Baseline is a cross-platform library and command-line utility that creates file-oriented baselines of your systems. The proje

Nelson 4 Dec 9, 2022
A Python module and command line utility for working with web archive data using the WACZ format specification

py-wacz The py-wacz repository contains a Python module and command line utility for working with web archive data using the WACZ format specification

Webrecorder 14 Oct 24, 2022
A command-line utility that, given a markdown file, checks whether all its links work.

A command-line utility written in Python that checks validity of links in a markdown file.

Teclado 2 Dec 8, 2021
A Python module and command-line utility for converting .ANS format ANSI art to HTML

ansipants A Python module and command-line utility for converting .ANS format ANSI art to HTML. Installation pip install ansipants Command-line usage

null 4 Oct 16, 2022
Booky - A command line utility for bookmarking files on your terminal!

Booky A command line utility for bookmarking files for quick access With it you can: Bookmark and delete your (aliases of) files at demand Launch them

Pran 1 Sep 11, 2022
split-manga-pages: a command line utility written in Python that converts your double-page layout manga to single-page layout.

split-manga-pages split-manga-pages is a command line utility written in Python that converts your double-page layout manga (or any images in double p

Christoffer Aakre 3 May 24, 2022
A Python command-line utility for validating that the outputs of a given Declarative Form Azure Portal UI JSON template map to the input parameters of a given ARM Deployment Template JSON template

A Python command-line utility for validating that the outputs of a given Declarative Form Azure Portal UI JSON template map to the input parameters of a given ARM Deployment Template JSON template

Glenn Musa 1 Feb 3, 2022
A cd command that learns - easily navigate directories from the command line

NAME autojump - a faster way to navigate your filesystem DESCRIPTION autojump is a faster way to navigate your filesystem. It works by maintaining a d

William Ting 14.5k Jan 3, 2023
Comments
  • [Bug] Unexcepted exception occured.

    [Bug] Unexcepted exception occured.

    • slipit v1.0.0
    • Installed via pip
    • On Kali GNU/Linux Rolling, Linux kali 5.18.0-kali5-amd64 #1 SMP PREEMPT_DYNAMIC Debian 5.18.5-1kali6 (2022-07-07) x86_64 GNU/Linux
    • Python 3.10.5
    slipit --archive-type tgz test.tar.gz test.file 
[-] Unexcepted exception occured.
[-] 'NoneType' object has no attribute 'open'

    With the --archive-type option, the tool fails with the above error message. A .tar.gz file is successfully create without the option.

    opened by BreakfastSerial 1
Releases(v1.0.1)
Owner
usd AG
On our company website you will find our imprint (www.usd.de/en/imprint) and privacy policy (www.usd.de/en/privacy-protection)
usd AG
GitHub Repository
Python Library and CLI for exporting MySQL databases

expdb Python library and CLI for exporting MySQL databases Installation Pre-requisites MySQL server Python 3.9+ Using git Clone the repository to your

Devansh Singh 1 Nov 29, 2021
The Pythone Script will generate a (.)sh file with reverse shell codes then you can execute the script on the target

Pythone Script will generate a (.)sh file with reverse shell codes then you can execute the script on the targetPythone Script will generate a (.)sh file with reverse shell codes then you can execute

Boy From Future 15 Sep 16, 2022
Enriches Click with option groups, constraints, command aliases, help sections for subcommands, themes for --help and other stuff.

Enriches Click with option groups, constraints, command aliases, help sections for subcommands, themes for --help and other stuff.

Gianluca Gippetto 62 Dec 22, 2022
CLI client for FerrisChat

A CLI Client for @FerrisChat using FerrisWheel

FerrisChat 2 Apr 01, 2022
Python library & console tool for controlling Xiaomi smart appliances

python-miio This library (and its accompanying cli tool) can be used to interface with devices using Xiaomi's miIO and MIoT protocols. Getting started

Teemu R. 2.4k Jan 02, 2023
Hack-All is a simple CLI tool that helps ethical-hackers to make a reverse connection without knowing the target device in use is it computer or phone

Hack-All is a simple CLI tool that helps ethical-hackers to make a reverse connection without knowing the target device in use is it computer

LightYagami17 5 Nov 22, 2022
A Python-based command prompt concept which includes windows command emulation.

PythonCMD A Python-based command prompt concept which includes windows command emulation. Current features: echo: Input your message and it will be cl

1 Feb 05, 2022
Bear-Shell is a shell based in the terminal or command prompt.

Bear-Shell is a shell based in the terminal or command prompt. You can navigate files, run python files, create files via the BearUtils text editor, and a lot more coming up!

MichaelBear 6 Dec 25, 2021
🏃 Python3 Solutions of All Problems in GCJ 2022 (In Progress)

GoogleCodeJam 2022 Python3 solutions of Google Code Jam 2022. Solution begins with * means it will get TLE in the largest data set. Total computation

kamyu 12 Dec 20, 2022
Declarative CLIs with argparse and dataclasses

argparse_dataclass Declarative CLIs with argparse and dataclasses. Features Features marked with a ✓ are currently implemented; features marked with a

Mike DePalatis 29 Dec 06, 2022
Pequeno joguinho pra vocĂȘ rodar no seu terminal

JokenPython Pequeno joguinho pra vocĂȘ rodar no seu terminal OlĂĄ! Joguinho legal pra vc rodar no seu terminal!! (rode no terminal, pra melhor experienc

Scott 4 Nov 25, 2021
CLI/GUI Math commands based on python 3

PyMath Commands Syntax Installation Commands: pymath add: usage: pymath add 12.5 12.5 sub: usage: pymath sub 25 12.5 div: usage: pymath div 144 12 mul

eggsnham07 0 Nov 22, 2021
A set of libraries and functions for simplifying automating Cisco devices through SecureCRT.

This is a set of libraries for automating Cisco devices (and to a lesser extent, bash prompts) over ssh/telnet in SecureCRT.

Matthew Spangler 7 Mar 30, 2022
Python wrapper and CLI utility to render LaTeX markup and equations as SVG using dvisvgm and svgo.

latex2svg Python wrapper and CLI utility to render LaTeX markup and equations as SVG using dvisvgm and svgo. Based on the original work by Tino Wagner

Matthias C. Hormann 4 Feb 18, 2022
Simple command-line implementation of minesweeper

minesweeper This is a Python implementation of 2-D Minesweeper! Check out the tutorial here: https://youtu.be/Fjw7Lc9zlyU You start a game by running

Kylie 49 Dec 10, 2022
(BionicLambda Universal SHell) A simple shell made in Python. Docs and possible C port incoming.

blush 😳 (BionicLambda Universal SHell) A simple shell made in Python. Docs and possible C port incoming. Note: The Linux executables were made on Ubu

3 Jun 30, 2021
Terminal-based keyboard testing

kbdtest kbdtest is a simple Python program that tests keyboard input using an interactive, terminal-based, visual keyboard display. It was originally

Ruunyox 12 Jul 19, 2022
A very simple OpenContest command line client written in Python

OpenContest Client A very simple OpenContest command line client written in Python. The only dependency is the requests library. Tested with Linux onl

Ladue Computer Science 1 May 25, 2022
A dashboard for your Terminal written in the Python 3 language,

termDash is a handy little program, written in the Python 3 language, and is a small little dashboard for your terminal, designed to be a utility to help people, as well as helping new users get used

Rebecca White 2 Dec 03, 2021
Python commandline tool for remembering linux/terminal commands

ehh Remember linux commands Commandline tool for remembering linux/terminal commands. It stores your favorite commands in ~/ehh.json in your homedir a

56 Nov 10, 2022