From c8bc8eb242bb4ae4b41a1ceb46a5ca31c57b4a15 Mon Sep 17 00:00:00 2001
From: PinkDev1 <5990@protonmail.com>
Date: Thu, 23 Jun 2022 19:32:39 -0300
Subject: [PATCH] Fixed #770: Zipped files with problematic filenames

---
 Payloads/File-Names/README.md               |  23 ++++++++++++++++++++
 Payloads/File-Names/directory-traversal.zip | Bin 0 -> 3028 bytes
 Payloads/File-Names/traversal/..::..::;     |   1 -
 Payloads/File-Names/traversal/..::;         |   1 -
 Payloads/File-Names/traversal/..:;          |   1 -
 Payloads/File-Names/traversal/..;           |   1 -
 Payloads/File-Names/traversal/..;:          |   1 -
 "Payloads/File-Names/traversal/..\\:;"      |   1 -
 Payloads/File-Names/traversal/.:..:         |   1 -
 Payloads/File-Names/traversal/.:..:;        |   1 -
 Payloads/File-Names/traversal/.:;           |   1 -
 Payloads/File-Names/traversal/.;            |   1 -
 Payloads/File-Names/traversal/.;:           |   1 -
 Payloads/File-Names/traversal/:..:;         |   1 -
 Payloads/File-Names/traversal/::..::;       |   1 -
 Payloads/File-Names/traversal/:;            |   1 -
 Payloads/File-Names/traversal/;             |   1 -
 Payloads/File-Names/traversal/;:            |   1 -
 "Payloads/File-Names/traversal/;\\:"        |   1 -
 19 files changed, 23 insertions(+), 17 deletions(-)
 create mode 100644 Payloads/File-Names/README.md
 create mode 100644 Payloads/File-Names/directory-traversal.zip
 delete mode 100644 Payloads/File-Names/traversal/..::..::;
 delete mode 100644 Payloads/File-Names/traversal/..::;
 delete mode 100644 Payloads/File-Names/traversal/..:;
 delete mode 100644 Payloads/File-Names/traversal/..;
 delete mode 100644 Payloads/File-Names/traversal/..;:
 delete mode 100644 "Payloads/File-Names/traversal/..\\:;"
 delete mode 100644 Payloads/File-Names/traversal/.:..:
 delete mode 100644 Payloads/File-Names/traversal/.:..:;
 delete mode 100644 Payloads/File-Names/traversal/.:;
 delete mode 100644 Payloads/File-Names/traversal/.;
 delete mode 100644 Payloads/File-Names/traversal/.;:
 delete mode 100644 Payloads/File-Names/traversal/:..:;
 delete mode 100644 Payloads/File-Names/traversal/::..::;
 delete mode 100644 Payloads/File-Names/traversal/:;
 delete mode 100644 Payloads/File-Names/traversal/;
 delete mode 100644 Payloads/File-Names/traversal/;:
 delete mode 100644 "Payloads/File-Names/traversal/;\\:"

diff --git a/Payloads/File-Names/README.md b/Payloads/File-Names/README.md
new file mode 100644
index 00000000..d18cff31
--- /dev/null
+++ b/Payloads/File-Names/README.md
@@ -0,0 +1,23 @@
+# directory-traversal.zip
+
+This zip file containes files with filenames for directory traversal:
+
+- `..::..::;`
+- `..::;`
+- `..:;`
+- `..;`
+- `..;:`
+- `..\:;`
+- `.:..:`
+- `.:..:;`
+- `.:;`
+- `.;`
+- `.;:`
+- `:..:;`
+- `::..::;`
+- `:;`
+- `;`
+- `;:`
+- `;\:`
+
+It's impossible to unzip this file on Windows, due to their arbitrary filename restrictions. It's possible to unzip it in WSL though.
diff --git a/Payloads/File-Names/directory-traversal.zip b/Payloads/File-Names/directory-traversal.zip
new file mode 100644
index 0000000000000000000000000000000000000000..42111c36a8c73dc648f8db504eb075a459d2f538
GIT binary patch
literal 3028
zcmcJRKTE?<6vbbfR4_^Z*~LMmU%=?%lHedX2wgf<T)MQ_MFN%hhpr-YbW(8F58%)b
z;@~3P)QSjx2j5FVoAaQ^jn|ZfEd6oLz2_a$YMPcU)b-T3Z^tj`!xn4eEb3nLqtkA<
zdC*=K=J5HXcl<u?oev#hSf8d4@uLNdx9RPpD;er81H<zIf5uTPjkDhm!$IS45QRtf
zVx|jBKlnSb1Vk2*H9-2l=lL8;(Ywdsy@EoeP6ntpP!6P?Bn~FZ3_1+qbYPqeqs0CE
zON=-UWgUDgnM_i3{~eCSYfz<?y+t?<XBDTabP^(E6xPi})xMgRd{un!s@H7M7n7pb
z%DL4<9@c!qGbHKZau0Y(>C>66$TIJMsir_DmVo#L#JKe7$QmGbr2qLKXGegJMejF&
zRk@-QD<Jd(h-s|oP#kDb$hwb{N=KGK=QSd8GEwF$Fyqpv%XC2Iw)_y9@10>kBLJpN
zN>_<7ngCRlKAl(x-y2rex00D#D&}*ff#cGrt3~Jpp-Jh}p_rzvB90)}@~be_D@6Ws
TI*UuP$Ha>KP38Yy<SoPxNkrBz

literal 0
HcmV?d00001

diff --git a/Payloads/File-Names/traversal/..::..::; b/Payloads/File-Names/traversal/..::..::;
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/..::..::;
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/..::; b/Payloads/File-Names/traversal/..::;
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/..::;
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/..:; b/Payloads/File-Names/traversal/..:;
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/..:;
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/..; b/Payloads/File-Names/traversal/..;
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/..;
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/..;: b/Payloads/File-Names/traversal/..;:
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/..;:
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git "a/Payloads/File-Names/traversal/..\\:;" "b/Payloads/File-Names/traversal/..\\:;"
deleted file mode 100644
index 557db03d..00000000
--- "a/Payloads/File-Names/traversal/..\\:;"
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/.:..: b/Payloads/File-Names/traversal/.:..:
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/.:..:
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/.:..:; b/Payloads/File-Names/traversal/.:..:;
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/.:..:;
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/.:; b/Payloads/File-Names/traversal/.:;
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/.:;
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/.; b/Payloads/File-Names/traversal/.;
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/.;
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/.;: b/Payloads/File-Names/traversal/.;:
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/.;:
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/:..:; b/Payloads/File-Names/traversal/:..:;
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/:..:;
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/::..::; b/Payloads/File-Names/traversal/::..::;
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/::..::;
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/:; b/Payloads/File-Names/traversal/:;
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/:;
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/; b/Payloads/File-Names/traversal/;
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/;
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git a/Payloads/File-Names/traversal/;: b/Payloads/File-Names/traversal/;:
deleted file mode 100644
index 557db03d..00000000
--- a/Payloads/File-Names/traversal/;:
+++ /dev/null
@@ -1 +0,0 @@
-Hello World
diff --git "a/Payloads/File-Names/traversal/;\\:" "b/Payloads/File-Names/traversal/;\\:"
deleted file mode 100644
index 557db03d..00000000
--- "a/Payloads/File-Names/traversal/;\\:"
+++ /dev/null
@@ -1 +0,0 @@
-Hello World