一、 漏洞 CVE-2023-38831 基础信息
漏洞信息
                                        # N/A

## 漏洞概述
WinRAR 在 6.23 版本之前存在漏洞,当用户尝试查看 ZIP 归档中的良性文件时,攻击者可以执行任意代码。问题出在 ZIP 归档可以包括一个良性文件(例如普通的 .JPG 文件)和一个具有相同名称的文件夹,而该文件夹的内容(可能包括可执行内容)会在仅尝试访问良性文件时被处理。

## 影响版本
- WinRAR 6.23 之前的所有版本

## 细节
- 攻击者可以构造一个 ZIP 文件,其中包含一个良性文件(如 .JPG 文件)以及一个具有相同名称的文件夹,文件夹内可能包含可执行内容。
- 当用户尝试查看良性文件时,WinRAR 会处理文件夹内容并导致任意代码执行。

## 影响
- 该漏洞在 2023 年 4 月至 2023 年 10 月期间被利用。
提示
尽管我们采用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确,但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利!
漏洞标题
N/A
来源:美国国家漏洞数据库 NVD
漏洞描述信息
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.
来源:美国国家漏洞数据库 NVD
CVSS信息
N/A
来源:美国国家漏洞数据库 NVD
漏洞类别
N/A
来源:美国国家漏洞数据库 NVD
漏洞标题
WinRAR 安全漏洞
来源:中国国家信息安全漏洞库 CNNVD
漏洞描述信息
WinRAR是一款文件压缩器。该产品支持RAR、ZIP等格式文件的压缩和解压等。 RARLabs WinRAR 6.23之前版本存在安全漏洞。攻击者利用该漏洞可以执行任意代码。
来源:中国国家信息安全漏洞库 CNNVD
CVSS信息
N/A
来源:中国国家信息安全漏洞库 CNNVD
漏洞类别
其他
来源:中国国家信息安全漏洞库 CNNVD
二、漏洞 CVE-2023-38831 的公开POC
# POC 描述 源链接 神龙链接
1 lazy way to create CVE-2023-38831 winrar file for testing https://github.com/BoredHackerBlog/winrar_CVE-2023-38831_lazy_poc POC详情
2 CVE-2023-38831 winrar exploit generator https://github.com/b1tg/CVE-2023-38831-winrar-exploit POC详情
3 None https://github.com/IR-HuntGuardians/CVE-2023-38831-HUNT POC详情
4 一款用于生成winrar程序RCE(即cve-2023-38831)的POC的工具。 https://github.com/Garck3h/cve-2023-38831 POC详情
5 An easy to install and easy to run tool for generating exploit payloads for CVE-2023-38831, WinRAR RCE before versions 6.23 https://github.com/ignis-sec/CVE-2023-38831-RaRCE POC详情
6 CVE-2023-38831 PoC (Proof Of Concept) https://github.com/HDCE-inc/CVE-2023-38831 POC详情
7 Pasos necesarios para obtener una reverse shell explotando la vulnerabilidad de winrar CVE-2023-38831 en versiones anteriores a 6.23. https://github.com/Maalfer/CVE-2023-38831_ReverseShell_Winrar-RCE POC详情
8 Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831) https://github.com/knight0x07/WinRAR-Code-Execution-Vulnerability-CVE-2023-38831 POC详情
9 CVE-2023-38831 WinRAR https://github.com/akhomlyuk/cve-2023-38831 POC详情
10 KQL Hunting for WinRAR CVE-2023-38831 https://github.com/PascalAsch/CVE-2023-38831-KQL POC详情
11 CVE-2023-38831 winrar exploit generator and get reverse shell https://github.com/my-elliot/CVE-2023-38831-winrar-expoit-simple-Poc POC详情
12 Proof of Concept (POC) for CVE-2023-38831 WinRAR https://github.com/thegr1ffyn/CVE-2023-38831 POC详情
13 This repository has both an attack detection tool and a Proof-of-Concept (PoC) Python script for the WinRAR CVE-2023-38831 vulnerability. https://github.com/MortySecurity/CVE-2023-38831-Exploit-and-Detection POC详情
14 winrar exploit 6.22 <= https://github.com/nhman-python/CVE-2023-38831 POC详情
15 Proof-of-Concept for CVE-2023-38831 Zero-Day vulnerability in WinRAR https://github.com/z3r0sw0rd/CVE-2023-38831-PoC POC详情
16 None https://github.com/BeniBeastt/CVE-2023-38831_ReverseShell_Winrar POC详情
17 This is a POC for the CVE-2023-3883 exploit targeting WinRAR up to 6.22. Modified some existing internet-sourced POCs by introducing greater dynamism and incorporated additional try-except blocks within the code. https://github.com/MorDavid/CVE-2023-38831-Winrar-Exploit-Generator-POC POC详情
18 CVE-2023-38831 winrar exploit builder https://github.com/Mich-ele/CVE-2023-38831-winrar POC详情
19 None https://github.com/asepsaepdin/CVE-2023-38831 POC详情
20 CVE-2023-38831-WINRAR-EXPLOIT GENERATOR https://github.com/K3rnel-Dev/WinrarExploit POC详情
21 None https://github.com/Fa1c0n35/CVE-2023-38831-winrar-exploit POC详情
22 This module exploits a vulnerability in WinRAR (CVE-2023-38831). When a user opens a crafted RAR file and its embedded document, a script is executed, leading to code execution. https://github.com/xaitax/WinRAR-CVE-2023-38831 POC详情
23 Quick exploit builder for CVE-2023-38831, a vulnerability that affects WinRAR versions before 6.23. https://github.com/GOTonyGO/CVE-2023-38831-winrar POC详情
24 CVE-2023-38831 WinRaR Exploit Generator https://github.com/Malwareman007/CVE-2023-38831 POC详情
25 Proof of concept (PoC) exploit for WinRAR vulnerability (CVE-2023-38831) vulnerability https://github.com/ameerpornillos/CVE-2023-38831-WinRAR-Exploit POC详情
26 None https://github.com/IMHarman/CVE-2023-38831 POC详情
27 None https://github.com/an040702/CVE-2023-38831 POC详情
28 DR. GANDALF: Aplicacion DESKTOP para WINDOWS, Inyector de archivos ZIP, generador de exploits para vulnerabilidad de WinRAR 6.22 y anteriores. https://github.com/elefantesagradodeluzinfinita/cve-2023-38831 POC详情
29 Proof-of-Concept (POC) of CVE-2023-38831 Zero-Day vulnerability in WinRAR https://github.com/malvika-thakur/CVE-2023-38831 POC详情
30 None https://github.com/ruycr4ft/CVE-2023-38831 POC详情
31 None https://github.com/Nielk74/CVE-2023-38831 POC详情
32 CVE-2023-38831 is an RCE in WinRAR (<6.23) https://github.com/kehrijksen/CVE-2023-38831 POC详情
33 SideCopy APT Group exploits CVE-2023-38831 https://github.com/h3xecute/SideCopy-Exploits-CVE-2023-38831 POC详情
34 WinRAR cve-2023-38831-poc-generator https://github.com/s4m98/winrar-cve-2023-38831-poc-gen POC详情
35 WinRAR-6.22、CVE-2023-38831、CNNVD-202308-1943、DM-202307-003730、QVD-2023-19572漏洞复现 https://github.com/xk-mt/WinRAR-Vulnerability-recurrence-tutorial POC详情
36 Proof-of-concept of CVE-2023-38831 https://github.com/MyStuffYT/CVE-2023-38831-POC POC详情
37 None https://github.com/80r1ng/CVE-2023-38831-EXP POC详情
38 CVE-2023-38831 Proof-of-concept code https://github.com/SpamixOfficial/CVE-2023-38831 POC详情
39 Exploit Development using python for CVE-2023-38831 (POC) https://github.com/r1yaz/winDED POC详情
40 None https://github.com/BeniB3astt/CVE-2023-38831_ReverseShell_Winrar POC详情
41 CVE-2023-38831 winrar exploit generator and get reverse shell https://github.com/ahmed-fa7im/CVE-2023-38831-winrar-expoit-simple-Poc POC详情
42 evil-winrar,CVE-2023-38831漏洞利用和社会工程学攻击框架 (evil-winrar, CVE-2023-38831 Vulnerability Exploitation and Social Engineering Attack Framework) https://github.com/youmulijiang/evil-winrar POC详情
43 This is my malware https://github.com/solomon12354/VolleyballSquid-----CVE-2023-38831-and-Bypass-UAC POC详情
44 None https://github.com/RomainBayle08/CVE-2023-38831 POC详情
45 winrar exploit 6.22 <= https://github.com/sh770/CVE-2023-38831 POC详情
46 WinRAR漏洞测试复现。详参:https://flowus.cn/share/a3b35db0-ab5e-4abc-b8d3-5ff284e82e7b https://github.com/imbyter/imbyter-WinRAR_CVE-2023-38831 POC详情
47 None https://github.com/khanhtranngoccva/cve-2023-38831-poc POC详情
48 Remote Access Trojan (RAT) for Windows x64 using a combination of vulnerability CVE-2023-38831 (WinRAR < 6.23 vulnerability) and Shellcode exploitation technique. https://github.com/MaorBuskila/Windows-X64-RAT POC详情
49 This Python application scans for the CVE-2023-38831 vulnerability in WinRAR. https://github.com/yezzfusl/cve_2023_38831_scanner POC详情
50 A POC demo on CVE-2023-38831 https://github.com/FirFirdaus/CVE-2023-38831 POC详情
51 d https://github.com/ra3edAJ/LAB-DFIR-cve-2023-38831 POC详情
52 None https://github.com/technicalcorp2/CVE-2023-38831-exploit-generator POC详情
53 This project contains a Python script that exploits **CVE-2023-38831**, a vulnerability in **WinRAR** versions prior to 6.23. The exploit generates a **malicious RAR archive** that triggers the execution of arbitrary code when the victim opens a benign-looking file within the archive (such as a PDF). https://github.com/technicalcorp0/CVE-2023-38831-Exploit POC详情
54 None https://github.com/idkwastaken/CVE-2023-38831 POC详情
55 None https://github.com/vilonachan/CVE-2023-38831-Winrar-Exploit-Generator-POC POC详情
56 None https://github.com/vilonachan/CVE-2023-38831-winrar-exploit POC详情
57 CVE-2023-38831 is a Zero-day WinRAR vulnerability that lets attackers disguise malicious files in archives, tricking users into executing harmful content. https://github.com/RonF98/CVE-2023-38831-POC POC详情
58 None https://github.com/VictoriousKnight/CVE-2023-38831_Exploit POC详情
59 POC Exploit Script in Python https://github.com/kuyrathdaro/winrar-cve-2023-38831 POC详情
60 CVE-2023-38831WinRAR代码执行漏洞复现资源文件 https://github.com/chaos198800/CVE-2023-38831WinRAR-dai-ma-zhi-xing-lou-dong-fu-xian-zi-yuan-wen-jian POC详情
61 This repository has both an attack detection tool and a Proof-of-Concept (PoC) Python script for the WinRAR CVE-2023-38831 vulnerability. https://github.com/ML-K-eng/CVE-2023-38831-Exploit-and-Detection POC详情
62 None https://github.com/Ben1B3astt/CVE-2023-38831_ReverseShell_Winrar POC详情
63 This project demonstrates a simulated exploitation of the WinRAR vulnerability CVE-2023-38831 to execute a reverse shell. The purpose of this task was to showcase how attackers can weaponize compressed archive files to gain remote access to a target machine. https://github.com/Tolu12wani/Demonstration-of-CVE-2023-38831-via-Reverse-Shell-Execution POC详情
三、漏洞 CVE-2023-38831 的情报信息
四、漏洞 CVE-2023-38831 的评论

暂无评论

发表评论