I rarely do this, but given the nature of the tutorial, I needed to create a Word document with pictures to clearly illustrate the information.

This tutorial takes an example proof-of-concept file from a Bugtraq post, looks at exactly what was altered in the zip file, and verifies whether the POC file will actually work. In addition, the tutorial shows you how to navigate a hex value table and how to change the proper values to produce a good POC file, should you want to build your own zip file to test the vulnerability reported to Bugtraq.

I wrote this tutorial for my junior security staff. They often see vulnerabilities posted but don't know how to validate the claims. Often, vulnerabilities are posted with vital information missing. Because many junior security staff don't know how to go about recreating a valid test, I picked an example off of Bugtraq at random and put this tutorial together. I have MD5 hashed the file in case you are the paranoid type. Those who know me should feel comfortable DLing a Word doc from me.

Enjoy.