支持本站 — 捐款将帮助我们持续运营

目标:1000 元,已筹:752

75.2%
立即捐款
一、 漏洞 CVE-2023-38831 基础信息
漏洞信息
                                        # N/A

## 漏洞概述
WinRAR 在 6.23 版本之前存在漏洞,当用户尝试查看 ZIP 归档中的良性文件时,攻击者可以执行任意代码。问题出在 ZIP 归档可以包括一个良性文件(例如普通的 .JPG 文件)和一个具有相同名称的文件夹,而该文件夹的内容(可能包括可执行内容)会在仅尝试访问良性文件时被处理。

## 影响版本
- WinRAR 6.23 之前的所有版本

## 细节
- 攻击者可以构造一个 ZIP 文件,其中包含一个良性文件(如 .JPG 文件)以及一个具有相同名称的文件夹,文件夹内可能包含可执行内容。
- 当用户尝试查看良性文件时,WinRAR 会处理文件夹内容并导致任意代码执行。

## 影响
- 该漏洞在 2023 年 4 月至 2023 年 10 月期间被利用。
神龙判断

是否为 Web 类漏洞:

判断理由:

否。这个漏洞是WinRAR的客户端漏洞,与Web服务的服务端无直接关系。该漏洞允许攻击者在用户尝试查看ZIP存档中的良性文件时执行任意代码,原因在于ZIP存档中可以包含一个与良性文件同名的文件夹,而该文件夹的内容(可能包含可执行内容)会在尝试访问良性文件时被处理。
提示
尽管我们采用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确,但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利!
漏洞标题
N/A
来源:美国国家漏洞数据库 NVD
漏洞描述信息
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.
来源:美国国家漏洞数据库 NVD
CVSS信息
N/A
来源:美国国家漏洞数据库 NVD
漏洞类别
N/A
来源:美国国家漏洞数据库 NVD
漏洞标题
WinRAR 安全漏洞
来源:中国国家信息安全漏洞库 CNNVD
漏洞描述信息
WinRAR是一款文件压缩器。该产品支持RAR、ZIP等格式文件的压缩和解压等。 RARLabs WinRAR 6.23之前版本存在安全漏洞。攻击者利用该漏洞可以执行任意代码。
来源:中国国家信息安全漏洞库 CNNVD
CVSS信息
N/A
来源:中国国家信息安全漏洞库 CNNVD
漏洞类别
其他
来源:中国国家信息安全漏洞库 CNNVD
二、漏洞 CVE-2023-38831 的公开POC
#POC 描述源链接神龙链接
1lazy way to create CVE-2023-38831 winrar file for testinghttps://github.com/BoredHackerBlog/winrar_CVE-2023-38831_lazy_pocPOC详情
2CVE-2023-38831 winrar exploit generatorhttps://github.com/b1tg/CVE-2023-38831-winrar-exploitPOC详情
3Nonehttps://github.com/IR-HuntGuardians/CVE-2023-38831-HUNTPOC详情
4一款用于生成winrar程序RCE(即cve-2023-38831)的POC的工具。https://github.com/Garck3h/cve-2023-38831POC详情
5An easy to install and easy to run tool for generating exploit payloads for CVE-2023-38831, WinRAR RCE before versions 6.23https://github.com/ignis-sec/CVE-2023-38831-RaRCEPOC详情
6CVE-2023-38831 PoC (Proof Of Concept)https://github.com/HDCE-inc/CVE-2023-38831POC详情
7Pasos necesarios para obtener una reverse shell explotando la vulnerabilidad de winrar CVE-2023-38831 en versiones anteriores a 6.23.https://github.com/Maalfer/CVE-2023-38831_ReverseShell_Winrar-RCEPOC详情
8Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831) https://github.com/knight0x07/WinRAR-Code-Execution-Vulnerability-CVE-2023-38831POC详情
9CVE-2023-38831 WinRARhttps://github.com/akhomlyuk/cve-2023-38831POC详情
10KQL Hunting for WinRAR CVE-2023-38831https://github.com/PascalAsch/CVE-2023-38831-KQLPOC详情
11CVE-2023-38831 winrar exploit generator and get reverse shellhttps://github.com/my-elliot/CVE-2023-38831-winrar-expoit-simple-PocPOC详情
12Proof of Concept (POC) for CVE-2023-38831 WinRARhttps://github.com/thegr1ffyn/CVE-2023-38831POC详情
13This repository has both an attack detection tool and a Proof-of-Concept (PoC) Python script for the WinRAR CVE-2023-38831 vulnerability. https://github.com/MortySecurity/CVE-2023-38831-Exploit-and-DetectionPOC详情
14winrar exploit 6.22 <=https://github.com/nhman-python/CVE-2023-38831POC详情
15Proof-of-Concept for CVE-2023-38831 Zero-Day vulnerability in WinRARhttps://github.com/z3r0sw0rd/CVE-2023-38831-PoCPOC详情
16Nonehttps://github.com/BeniBeastt/CVE-2023-38831_ReverseShell_WinrarPOC详情
17This is a POC for the CVE-2023-3883 exploit targeting WinRAR up to 6.22. Modified some existing internet-sourced POCs by introducing greater dynamism and incorporated additional try-except blocks within the code.https://github.com/MorDavid/CVE-2023-38831-Winrar-Exploit-Generator-POCPOC详情
18CVE-2023-38831 winrar exploit builderhttps://github.com/Mich-ele/CVE-2023-38831-winrarPOC详情
19Nonehttps://github.com/asepsaepdin/CVE-2023-38831POC详情
20CVE-2023-38831-WINRAR-EXPLOIT GENERATORhttps://github.com/K3rnel-Dev/WinrarExploitPOC详情
21Nonehttps://github.com/Fa1c0n35/CVE-2023-38831-winrar-exploitPOC详情
22This module exploits a vulnerability in WinRAR (CVE-2023-38831). When a user opens a crafted RAR file and its embedded document, a script is executed, leading to code execution.https://github.com/xaitax/WinRAR-CVE-2023-38831POC详情
23Quick exploit builder for CVE-2023-38831, a vulnerability that affects WinRAR versions before 6.23.https://github.com/GOTonyGO/CVE-2023-38831-winrarPOC详情
24CVE-2023-38831 WinRaR Exploit Generatorhttps://github.com/Malwareman007/CVE-2023-38831POC详情
25Proof of concept (PoC) exploit for WinRAR vulnerability (CVE-2023-38831) vulnerabilityhttps://github.com/ameerpornillos/CVE-2023-38831-WinRAR-ExploitPOC详情
26Nonehttps://github.com/IMHarman/CVE-2023-38831POC详情
27Nonehttps://github.com/an040702/CVE-2023-38831POC详情
28DR. GANDALF: Aplicacion DESKTOP para WINDOWS, Inyector de archivos ZIP, generador de exploits para vulnerabilidad de WinRAR 6.22 y anteriores.https://github.com/elefantesagradodeluzinfinita/cve-2023-38831POC详情
29Proof-of-Concept (POC) of CVE-2023-38831 Zero-Day vulnerability in WinRARhttps://github.com/malvika-thakur/CVE-2023-38831POC详情
30Nonehttps://github.com/ruycr4ft/CVE-2023-38831POC详情
31Nonehttps://github.com/Nielk74/CVE-2023-38831POC详情
32CVE-2023-38831 is an RCE in WinRAR (<6.23)https://github.com/kehrijksen/CVE-2023-38831POC详情
33SideCopy APT Group exploits CVE-2023-38831https://github.com/h3xecute/SideCopy-Exploits-CVE-2023-38831POC详情
34WinRAR cve-2023-38831-poc-generatorhttps://github.com/s4m98/winrar-cve-2023-38831-poc-genPOC详情
35WinRAR-6.22、CVE-2023-38831、CNNVD-202308-1943、DM-202307-003730、QVD-2023-19572漏洞复现https://github.com/xk-mt/WinRAR-Vulnerability-recurrence-tutorialPOC详情
36Proof-of-concept of CVE-2023-38831https://github.com/MyStuffYT/CVE-2023-38831-POCPOC详情
37Nonehttps://github.com/80r1ng/CVE-2023-38831-EXPPOC详情
38CVE-2023-38831 Proof-of-concept codehttps://github.com/SpamixOfficial/CVE-2023-38831POC详情
39Exploit Development using python for CVE-2023-38831 (POC)https://github.com/r1yaz/winDEDPOC详情
40Nonehttps://github.com/BeniB3astt/CVE-2023-38831_ReverseShell_WinrarPOC详情
41CVE-2023-38831 winrar exploit generator and get reverse shellhttps://github.com/ahmed-fa7im/CVE-2023-38831-winrar-expoit-simple-PocPOC详情
42evil-winrar,CVE-2023-38831漏洞利用和社会工程学攻击框架 (evil-winrar, CVE-2023-38831 Vulnerability Exploitation and Social Engineering Attack Framework)https://github.com/youmulijiang/evil-winrarPOC详情
43This is my malwarehttps://github.com/solomon12354/VolleyballSquid-----CVE-2023-38831-and-Bypass-UACPOC详情
44Nonehttps://github.com/RomainBayle08/CVE-2023-38831POC详情
45winrar exploit 6.22 <=https://github.com/sh770/CVE-2023-38831POC详情
46WinRAR漏洞测试复现。详参:https://flowus.cn/share/a3b35db0-ab5e-4abc-b8d3-5ff284e82e7bhttps://github.com/imbyter/imbyter-WinRAR_CVE-2023-38831POC详情
47Nonehttps://github.com/khanhtranngoccva/cve-2023-38831-pocPOC详情
48Remote Access Trojan (RAT) for Windows x64 using a combination of vulnerability CVE-2023-38831 (WinRAR < 6.23 vulnerability) and Shellcode exploitation technique.https://github.com/MaorBuskila/Windows-X64-RATPOC详情
49This Python application scans for the CVE-2023-38831 vulnerability in WinRAR.https://github.com/yezzfusl/cve_2023_38831_scannerPOC详情
50A POC demo on CVE-2023-38831https://github.com/FirFirdaus/CVE-2023-38831POC详情
51dhttps://github.com/ra3edAJ/LAB-DFIR-cve-2023-38831POC详情
52Nonehttps://github.com/technicalcorp2/CVE-2023-38831-exploit-generatorPOC详情
53This project contains a Python script that exploits **CVE-2023-38831**, a vulnerability in **WinRAR** versions prior to 6.23. The exploit generates a **malicious RAR archive** that triggers the execution of arbitrary code when the victim opens a benign-looking file within the archive (such as a PDF). https://github.com/technicalcorp0/CVE-2023-38831-ExploitPOC详情
54Nonehttps://github.com/idkwastaken/CVE-2023-38831POC详情
55Nonehttps://github.com/vilonachan/CVE-2023-38831-Winrar-Exploit-Generator-POCPOC详情
56Nonehttps://github.com/vilonachan/CVE-2023-38831-winrar-exploitPOC详情
57CVE-2023-38831 is a Zero-day WinRAR vulnerability that lets attackers disguise malicious files in archives, tricking users into executing harmful content.https://github.com/RonF98/CVE-2023-38831-POCPOC详情
58Nonehttps://github.com/VictoriousKnight/CVE-2023-38831_ExploitPOC详情
59POC Exploit Script in Pythonhttps://github.com/kuyrathdaro/winrar-cve-2023-38831POC详情
60CVE-2023-38831WinRAR代码执行漏洞复现资源文件https://github.com/chaos198800/CVE-2023-38831WinRAR-dai-ma-zhi-xing-lou-dong-fu-xian-zi-yuan-wen-jianPOC详情
61This repository has both an attack detection tool and a Proof-of-Concept (PoC) Python script for the WinRAR CVE-2023-38831 vulnerability. https://github.com/ML-K-eng/CVE-2023-38831-Exploit-and-DetectionPOC详情
62Nonehttps://github.com/Ben1B3astt/CVE-2023-38831_ReverseShell_WinrarPOC详情
63This project demonstrates a simulated exploitation of the WinRAR vulnerability CVE-2023-38831 to execute a reverse shell. The purpose of this task was to showcase how attackers can weaponize compressed archive files to gain remote access to a target machine. https://github.com/Tolu12wani/Demonstration-of-CVE-2023-38831-via-Reverse-Shell-ExecutionPOC详情
64ict519 assignmenthttps://github.com/yangdayyy/cve-2023-38831POC详情
65winrar exploit 6.22 <=https://github.com/sudo-py-dev/CVE-2023-38831POC详情
66Nonehttps://github.com/anelya0333/Exploiting-CVE-2023-38831POC详情
67CVE-2023-38831 ZIP Structure Detection Frameworkhttps://github.com/ouoxii/Software-Testing-Final-ProjectPOC详情
68CVE-2023-38831 (PoC) - WinRAR Exploithttps://github.com/kuyrathdaro/cve-2023-38831POC详情
69CVE-2023-38831 - WinRARhttps://github.com/mishra0230/CVE-2023-38831POC详情
三、漏洞 CVE-2023-38831 的情报信息
四、漏洞 CVE-2023-38831 的评论

暂无评论

发表评论