ZIPs 2/n
If you just hopped to this without reading the first part then HOL’ UP and read the first blog.
Some basic tricks
* Messing up external attributes
Some basic MS-DOS attributes are:
Attribute | Bits |
---|---|
READ ONLY | 00000001 |
HIDDEN | 00000010 |
SYSTEM | 00000100 |
DIRECTORY | 00010000 |
ARCHIVE | 00100000 |
Now, if you have a file compressed inside a ZIP, you can simply change the External File Attributes field in the CDH to, say, 20 or 0b00010010, and the Windows ZIP parser will parse that file as a hidden directory. But you cannot fool every parser this way.
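To spot this mismatch when inspecting an archive, the sketch below (an added example, not code from the original post) walks the CDH entries and flags any whose DIRECTORY bit contradicts the entry's name or size. The function names and the sample archive are constructed for illustration, and it assumes a single-disk, non-ZIP64 archive with no prepended data.

```python
import io
import struct
import zipfile

# MS-DOS attribute bits from the table above. Assumption: the low byte of
# External File Attributes is read as the DOS attribute byte.
DOS_BITS = {0x01: "READ ONLY", 0x02: "HIDDEN", 0x04: "SYSTEM",
            0x10: "DIRECTORY", 0x20: "ARCHIVE"}


def build_sample() -> bytes:
    """Constructed sample: two regular files, one claiming HIDDEN|DIRECTORY."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, attr in (("readme.txt", 0x20), ("notes.txt", 0b00010010)):
            info = zipfile.ZipInfo(name)
            info.external_attr = attr
            zf.writestr(info, "file content, not a directory")
    return buf.getvalue()


def audit_external_attrs(blob: bytes) -> list:
    """Walk the CDH entries and flag DIRECTORY bits that contradict name or size."""
    eocd = blob.rfind(b"PK\x05\x06")
    if eocd < 0:
        raise ValueError("no End of Central Directory record found")
    # EOCD: total entries at +10 (u16), central directory offset at +16 (u32)
    total, = struct.unpack_from("<H", blob, eocd + 10)
    pos, = struct.unpack_from("<I", blob, eocd + 16)
    findings = []
    for _ in range(total):
        if blob[pos:pos + 4] != b"PK\x01\x02":
            raise ValueError(f"bad CDH signature at offset {pos}")
        # CDH: uncompressed size +24, name/extra/comment lengths +28, attrs +38
        size, = struct.unpack_from("<I", blob, pos + 24)
        nlen, xlen, clen = struct.unpack_from("<HHH", blob, pos + 28)
        dos = struct.unpack_from("<I", blob, pos + 38)[0] & 0xFF
        name = blob[pos + 46:pos + 46 + nlen].decode("utf-8", "replace")
        # A real directory entry has a trailing slash and no data.
        odd = bool(dos & 0x10) and (size > 0 or not name.endswith("/"))
        findings.append({"name": name, "dos_attrs": dos, "suspicious": odd,
                         "flags": [n for b, n in DOS_BITS.items() if dos & b]})
        pos += 46 + nlen + xlen + clen
    return findings


if __name__ == "__main__":
    for entry in audit_external_attrs(build_sample()):
        print(entry)
```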
* Polyglots and other ways to combine ZIPs with other files
PKZIP doesn’t force you to start the LFH at offset 0x00. Yes, that means the ZIP can be anywhere in a binary blob and still be a valid ZIP, if and only if it follows some rules:
- All the offsets which are stored inside the LFH, CDH & EoCDH should be correct.
- You can prepend as much data as you want. There’s literally zero problem with that, but this is not true for