Information Security
php zip ctf
Updated Tue, 02 Aug 2022 02:45:45 GMT

ZAP proxy - modify POST to inject a zip file


I am doing a CTF image now, and I need to upload a .zip file to execute using the PHP wrapper zip://, using this PHP ZIP Wrapper LFI vulnerability.

The problem is that the only way to upload is with a POST form, so I would like to intercept the POST, submit and change the text I added for the binary data of the zip file.

I have tried to cat the *.zip file and paste it before continuing the POST, but it did not work.

Some people suggested using Burp, but I would like to know how to do this with ZAP proxy.




Solution

OK, well, it is not exactly what I wanted, but in ZAP, if you go to the URL with the form and then intercept, instead of injecting I was able to select the POST, then use one of the built-in scripts in ZAP to convert it to curl, and from curl I was able to just add the filename and inject.

The script name is:
curl_command_generator.js
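
An added example, not part of the original question or answer: it models why pasting `cat` output into an intercepted request breaks the archive, while a client that reads the file itself (as curl does when given a filename) keeps the bytes intact. The UTF-8 text layer, the field name `file`, the filename `sample.zip` and the boundary string are assumptions made for the illustration.

```python
import hashlib
import io
import zipfile

def make_zip() -> bytes:
    """Build a small constructed zip archive in memory (sample input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("note.txt", "constructed sample content\n" * 20)
    return buf.getvalue()

def paste_as_text(data: bytes) -> bytes:
    """Model cat + paste: bytes pass through a text layer (assumed UTF-8),
    so every undecodable byte is replaced by U+FFFD and offsets shift."""
    return data.decode("utf-8", errors="replace").encode("utf-8")

def multipart_body(field: str, filename: str, data: bytes, boundary: str) -> bytes:
    """Assemble a multipart/form-data body directly from raw file bytes."""
    head = (
        f"--{boundary}\r\n"
        f'Content-Disposition: form-data; name="{field}"; filename="{filename}"\r\n'
        "Content-Type: application/zip\r\n\r\n"
    ).encode("ascii")
    return head + data + f"\r\n--{boundary}--\r\n".encode("ascii")

def extract_part(body: bytes, boundary: str) -> bytes:
    """Recover the file bytes from the single-part body built above."""
    start = body.index(b"\r\n\r\n") + 4
    end = body.rindex(f"\r\n--{boundary}--".encode("ascii"))
    return body[start:end]

def is_valid_zip(data: bytes) -> bool:
    """True if the bytes parse as a zip and every member passes its CRC."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return zf.testzip() is None
    except zipfile.BadZipFile:
        return False

if __name__ == "__main__":
    original = make_zip()
    pasted = paste_as_text(original)
    boundary = "----constructed-boundary"  # assumed value
    received = extract_part(multipart_body("file", "sample.zip", original, boundary), boundary)
    for label, blob in (("original", original), ("pasted", pasted), ("multipart", received)):
        print(label, len(blob), hashlib.sha256(blob).hexdigest()[:16], is_valid_zip(blob))
```

Comparing the SHA-256 of the file on disk with what the server stored is a quick way to confirm whether an upload was altered in transit.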