May 28, 2022
Zip-Exec.

 

Zip Exec is a one-of-a-kind method for running binaries from a password-protected zip file.

Zip Exec is a proof-of-concept (PoC) tool that wraps binary-based utilities in a password-protected zip file. The zip file is then base64 encoded into a string that is reconstructed on disk. The encoded string is loaded into a JScript file which, when run, rebuilds the password-protected zip file on disk and executes it. This is accomplished programmatically: the generated JScript loader uses COM objects to access the GUI-based functionality in Windows, so execution takes place within the password-protected zip without the need to unzip it first. Password protecting the zip file shields the binaries from EDRs and from disk-based or anti-malware scanning techniques.
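For triage of script files, the check below finds base64-encoded zip archives embedded in script text and reports members whose encryption flag is set. It is an added example, not code from ZipExec or its author. It assumes the blob sits in ordinary string literals, optionally joined with `+`; the function names and the sample input are constructed for illustration.

```python
import base64
import io
import re
import zipfile

# "PK\x03\x04" (zip local file header magic) always base64-encodes to "UEsDB...".
B64_ZIP = re.compile(r"UEsDB[A-Za-z0-9+/]{40,}={0,2}")
# Adjacent string literals joined with "+", as a script might split a long blob.
LITERAL_JOIN = re.compile(r"""["']\s*\+\s*["']""")


def find_encrypted_zips(script_text):
    """Return one list of encrypted member names per zip embedded as base64."""
    findings = []
    for match in B64_ZIP.finditer(LITERAL_JOIN.sub("", script_text)):
        blob = match.group(0)
        blob = blob[: len(blob) - len(blob) % 4]  # trim to a decodable length
        try:
            raw = base64.b64decode(blob)
            with zipfile.ZipFile(io.BytesIO(raw)) as zf:
                # Bit 0 of the general-purpose flag marks an encrypted member.
                names = [i.filename for i in zf.infolist() if i.flag_bits & 0x1]
        except (ValueError, zipfile.BadZipFile):
            continue
        if names:
            findings.append(names)
    return findings


def constructed_sample(encrypted=True):
    """Constructed test input: script text holding a small base64 zip."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("tool.exe", b"placeholder bytes, not a real binary " * 4)
    raw = bytearray(buf.getvalue())
    if encrypted:
        raw[6] |= 1                            # flag in the local file header
        raw[raw.find(b"PK\x01\x02") + 8] |= 1  # flag in the central directory
    b64 = base64.b64encode(bytes(raw)).decode()
    return 'var z = "%s" +\n    "%s";' % (b64[:60], b64[60:])


if __name__ == "__main__":
    print(find_encrypted_zips(constructed_sample()))
```

The member names in a zip's central directory are readable without the password, which is why the listing works even though the contents cannot be scanned.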

Disclaimer: The intended use for the tool is strictly educational and should not be used for any other purpose.

Download Link: https://github.com/Tylous/ZipExec
