File Handling and Vulnerabilities in Archives

Episode 132: In this episode of Critical Thinking - Bug Bounty Podcast, Justin Gardner is joined by Mathias Karlsson to discuss vulnerabilities associated with archives. They talk about his new tool, Archive Alchemist, and explore topics like the significance of Unicode paths, symlinks, and TAR before they end up talking about Charsets again..

Follow us on twitter at: https://x.com/ctbbpodcast

Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

====== Links ======

Follow your hosts Rhynorater and Rez0 on Twitter:

====== Ways to Support CTBBPodcast ======

Hop on the CTBB Discord!

You can also find some hacker swag at https://ctbb.show/merch!

Today's Sponsor: ThreatLocker - Patch Management

Today’s Guest: Mathias Karlsson

====== This Week in Bug Bounty ======

Swiss Post's 2025 Public Intrusion Test starts on July 28

Intigriti teams with NVIDIA

Bugcrowd Ingenuity Awards

Hack the Hacker Series - AI Vulnerabilities and Bug Bounties

A Novel Technique for SQL Injection in PDO’s Prepared Statements

How We Accidentally Discovered a Remote Code Execution Vulnerability in ETQ Reliance

====== Resources ======

Archive Alchemist

Hacking Livestream #53: The ZIP file format

====== Timestamps ======

(00:00:00) Introduction

(00:10:04) Archive Alchemist

(00:36:05) Unicode Extensions, normalization, and confusion attacks on Zip parsers

(00:48:44) Character Sets

(01:01:49) 7zip & File Names

(01:06:44) Path Traversal, Symlinks & Identifying Techniques

(01:36:05) Hardlinks and TAR