2023-07-02 23:10:27 +05:30
|
|
|
id: tar-extraction
|
2022-12-22 16:27:38 +05:30
|
|
|
|
|
|
|
|
info:
|
2023-07-02 23:10:27 +05:30
|
|
|
name: Path Injection Vulnerability in TAR Extraction
|
2022-12-22 16:27:38 +05:30
|
|
|
author: me_dheeraj (https://twitter.com/Dheerajmadhukar)
|
|
|
|
|
severity: info
|
|
|
|
|
description: Insecure TAR archive extraction can result in arbitrary path over write and can result in code injection.
|
|
|
|
|
tags: file,nodejs
|
|
|
|
|
file:
|
|
|
|
|
- extensions:
|
|
|
|
|
- all
|
2022-12-22 17:07:08 +05:30
|
|
|
matchers:
|
2022-12-22 16:27:38 +05:30
|
|
|
- type: regex
|
|
|
|
|
regex:
|
2023-06-28 10:44:19 +05:30
|
|
|
- "require\\('tar-stream'\\)"
|
|
|
|
|
- "[\\w\\W]+?\\.createWriteStream\\([\\w\\W]*?\\, [\\w\\W]*?\\)"
|
|
|
|
|
- "[\\w\\W]+?\\.writeFile\\([\\w\\W]*?\\, [\\w\\W]*?\\)"
|
|
|
|
|
- "[\\w\\W]+?\\.writeFileSync\\([\\w\\W]*?\\, [\\w\\W]*?\\)"
|
2023-10-14 16:57:55 +05:30
|
|
|
condition: or
|
2024-12-01 13:57:55 +00:00
|
|
|
# digest: 4a0a00473045022100f8dfeaaf606976931effe9fe032866cd4afcff3989fbc9caa38ad9fbbfa634da02201e46d8c4d5b9b19945f9376512be2ccbfcce5f35a22297845e97d8c1bfabd10b:922c64590222798bb761d5b6d8e72950
|
