"Zip Slip is a form of directory traversal that can be exploited by extracting files from an archive. The premise of the directory traversal vulnerability is that an attacker can gain access to parts of the file system outside of the target folder in which they should reside"
Run the eviarc.py
Python script with the following parameters:
python evilarc.py -d 10 -o unix evil.sh
This will create an evil.zip
file containing the exploit.
Run the run.sh
script to: (1) build the Maven project as the Docker image, (2) deploy the Tomcat web service and (3) run the container. For that you need need to have installed:
- Java
- Python
- Docker
- Maven
Then upload the exploit zip file to the server. It will perform directory traversal attack to copy the evil.sh
file in the root of the target service.