However, we cannot use it because it contains a slash (“/”) character that cannot be used in the file name this sign is a folder separator in the path. The first thought would be to add the most standard injection i.e., alert(1). Since we already know that we can inject our own HTML code, the natural next step is to inject our own JavaScript code. This leads to the conclusion that in QuickLook it is possible inject your own HTML code. Then I checked what the real file names were inside the archive, and it came out that the name of this “underlined” file was: somethingother.jpg. I noticed it once by accident when I ran QuickLook on one of the files that I had on the disk. The fragment of the second file name is underlinedĪs you can see in Figure 1, the fragment of the name in one of the files is underlined. When using QuickLook, archive contents are displayed on the zip files (Figure 1). In the default installation, BetterZip is also attached to the QuickLook function in the system, by which pressing the space bar in the default file browser on macOS will display the preview of this file. Later in the article we will focus on this third effect-the ability to perform any actions in the context of the attacked domain.īetterZip is an application for viewing and creating archives (7z, rar, zip, etc.) for the macOS system.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |