IT SECURITY WARNING!
KEEP SYSTEM OS AND BINARIES UP TO DATE!
that is why: https://www.youtube.com/watch?v=tfo3s-mwZm4
zip folder password protected:
# WARNING! WILL ENCRYPT THE DATA-CONTENT, BUT NOT THE FILENAMES! # will interactively ask for password zip -re password.protected.zip folder-to-zip
https://www.rarlab.com/download.htm
rar folder password protected:
Extracting a 19 Year Old Code Execution from WinRAR
To create a password protected rar archive archive.rar with password set to password, use:
# tested with Debian 3.16.36-1+deb8u1 (2016-09-03) i686 GNU/Linux
rar a -ppassword archive.rar folder_to_be_rared/
Creating archive test.rar
Adding test.txt OK
Done
creditz: https://www.feralhosting.com/faq/view?question=36
also self extracting archives are dangerous!
ZipSlip:
https://snyk.io/research/zip-slip-vulnerability
he vulnerability has been found in multiple ecosystems, including JavaScript, Ruby, .NET and Go, but is especially prevalent in Java, where there is no central library offering high level processing of archive (e.g. zip) files. The lack of such a library led to vulnerable code snippets being hand crafted and shared among developer communities such as StackOverflow .
Links & RSS:
CheckPointSecurity rss feed https://research.checkpoint.com/rss
(how to subscribe to rss feed via thunderbird)
https://www.youtube.com/user/CPGlobal/videos
liked this article?
- only together we can create a truly free world
- plz support dwaves to keep it up & running!
- (yes the info on the internet is (mostly) free but beer is still not free (still have to work on that))
- really really hate advertisement
- contribute: whenever a solution was found, blog about it for others to find!
- talk about, recommend & link to this blog and articles
- thanks to all who contribute!