mandiant / commando-vm

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com
https://www.mandiant.com/resources/blog/commando-vm-windows-offensive-distribution
Apache License 2.0
6.88k stars, 1.28k forks

BUG #202

Closed lucabigoni1992 closed 3 years ago

lucabigoni1992 commented 3 years ago

Describe the bug and expected behavior

A clear and concise description of what the bug is.

To Reproduce

Steps to reproduce the behavior:

  1. Open cmd as administrator
  2. Execute command: cd c:\temp (a folder where I can write with all OS users)
  3. Execute command: git clone --depth 1 https://github.com/danielmiessler/SecLists.git
  4. See error

example

    C:\temp>git clone https://github.com/danielmiessler/SecLists.git
    Cloning into 'SecLists'...
    remote: Enumerating objects: 64, done.
    remote: Counting objects: 100% (64/64), done.
    remote: Compressing objects: 100% (37/37), done.
    remote: Total 9861 (delta 22), reused 55 (delta 20), pack-reused 9797
    Receiving objects: 100% (9861/9861), 791.64 MiB | 8.12 MiB/s, done.
    Resolving deltas: 100% (5135/5135), done.
    error: invalid path 'Payloads/File-Names/traversal/..::..::;'
    fatal: unable to checkout working tree
    warning: Clone succeeded, but checkout failed.
    You can inspect what was checked out with 'git status'
    and retry with 'git restore --source=HEAD :/'

The folder C:\temp\SecLists now exists, but it is empty.


GeneralBison commented 3 years ago

How is this an issue with Commando? Surely this is an issue with Git having a problem with the directory traversal payload (which you would expect).

day1player commented 3 years ago

We ran into this issue when creating the seclists.fireeye package. We remove all of the file traversal payloads in order to have a clean install. You can install this package with cinst -y seclists.fireeye instead of using git clone (but yes, you will be missing the directory traversal payloads).
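
Added example, not part of the thread and not Commando VM or Git code: a Python check that reports which tracked paths in a repository cannot be created on Windows, the condition behind the "invalid path" error above. It applies the documented Windows file-naming rules as an approximation of what Git for Windows rejects (an assumption); the function names are hypothetical and every sample path except the one from the error message is constructed.

```python
import re

# Windows file-naming rules (Microsoft "Naming Files, Paths, and Namespaces").
# Assumption: this approximates what Git for Windows rejects at checkout;
# it is not Git's own validation code.
RESERVED_CHARS = set('<>:"|?*\\')
DEVICE_NAME = re.compile(r'^(con|prn|aux|nul|com[1-9]|lpt[1-9])(\..*)?$', re.I)


def component_problem(name):
    """Return why one path component cannot exist on Windows, or None."""
    if name in ('.', '..'):
        return 'relative directory reference'
    bad = sorted(c for c in set(name) if c in RESERVED_CHARS or ord(c) < 32)
    if bad:
        return 'reserved character(s): ' + ' '.join(repr(c) for c in bad)
    if name.endswith((' ', '.')):
        return 'trailing space or dot'
    if DEVICE_NAME.match(name):
        return 'reserved device name'
    return None


def windows_unsafe_paths(paths):
    """Map each Git path (always '/'-separated) to its first problem."""
    report = {}
    for path in paths:
        for part in path.split('/'):
            problem = component_problem(part)
            if problem:
                report[path] = f'{part!r}: {problem}'
                break
    return report


# Constructed sample; real input would be the NUL-separated output of
#   git ls-tree -r -z --name-only HEAD
# in a repository cloned with --no-checkout.
SAMPLE = [
    'README.md',
    'Payloads/File-Names/traversal/..::..::;',   # path from the error above
    'Discovery/aux.txt',                         # constructed
    'Passwords/list .txt',                       # constructed, valid name
    'Fuzzing/trailing.',                         # constructed
]

if __name__ == '__main__':
    for path, why in windows_unsafe_paths(SAMPLE).items():
        print(f'{path}\n    {why}')
```

Cloning with `--no-checkout` first and running the listed paths through this check shows in advance which entries will stop a checkout on Windows.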