CVE-2023-38831 PoC — WinRAR 安全漏洞

Source

https://github.com/youmulijiang/evil-winrar

Associated Vulnerability

Title:WinRAR 安全漏洞 (CVE-2023-38831)
Description:WinRAR是一款文件压缩器。该产品支持RAR、ZIP等格式文件的压缩和解压等。 RARLabs WinRAR 6.23之前版本存在安全漏洞。攻击者利用该漏洞可以执行任意代码。

Description

evil-winrar,CVE-2023-38831漏洞利用和社会工程学攻击框架 (evil-winrar, CVE-2023-38831 Vulnerability Exploitation and Social Engineering Attack Framework)

Readme

# eval-winrar
evil-winrar,cve-2023-38831漏洞利用和社会工程学攻击框架 (evil-winrar, csv-2023-38831 Vulnerability Exploitation and Social Engineering Attack Framework)

## 介绍

evil-winrar是winrar csv-2023-38831漏洞利用和社会工程学攻击框架,支持exp生成,邮件发送和下载链接生成

## 下载

```
git clone https://github.com/youmulijiang/evil-winrar.git
cd evil-winrar
python evil-winrar.py
```

## 使用截图

![image](https://github.com/youmulijiang/eval-winrar/assets/111237463/cc036ed1-b04d-42eb-98c2-8d0505a3c2fc)
![image](https://github.com/youmulijiang/eval-winrar/assets/111237463/512d34b0-2974-4250-8c4c-4cf49ce5eeed)

## 作者介绍

作者是一个安全开发成员,如果喜欢该项目,请点击右上角的start⭐

梨酱最喜欢⭐⭐啦 ヾ(≧▽≦*)o

File Snapshot


 [4.0K]  /data/pocs/15fe125f3ed3807b2a463716a2f39440a6cf9923
├── [4.0K]  config
│   ├── [ 244]  config.ini
│   └── [ 479]  parseconf.py
├── [4.0K]  evil-winrar
│   ├── [4.0K]  config
│   │   ├── [ 244]  config.ini
│   │   └── [ 479]  parseconf.py
│   ├── [2.9K]  evil-winrar.py
│   ├── [4.0K]  image
│   │   └── [4.0K]  readme
│   │       ├── [ 39K]  1711375213586.png
│   │       └── [ 70K]  1711375674339.png
│   ├── [4.0K]  payload
│   │   ├── [  10]  script.bat
│   │   └── [  11]  test.txt
│   ├── [ 554]  readme.md
│   └── [4.0K]  src
│       ├── [ 441]  edit.py
│       ├── [3.3K]  generate.py
│       ├── [4.1K]  httpserver.py
│       ├── [   0]  __init__.py
│       ├── [4.0K]  lib
│       │   ├── [ 181]  check_file.py
│       │   ├── [1.2K]  colorprint.py
│       │   └── [4.0K]  __pycache__
│       │       └── [2.6K]  colorprint.cpython-311.pyc
│       ├── [4.0K]  __pycache__
│       │   ├── [ 943]  editconf.cpython-311.pyc
│       │   ├── [1.0K]  edit.cpython-311.pyc
│       │   ├── [5.5K]  generate.cpython-311.pyc
│       │   ├── [7.1K]  httpserver.cpython-311.pyc
│       │   ├── [ 182]  __init__.cpython-311.pyc
│       │   ├── [6.7K]  sendemail.cpython-311.pyc
│       │   └── [ 15K]  termial.cpython-311.pyc
│       ├── [3.3K]  sendemail.py
│       └── [ 10K]  termial.py
├── [2.9K]  evil-winrar.py
├── [4.0K]  image
│   └── [4.0K]  readme
│       ├── [ 38K]  1711377234374.png
│       └── [ 70K]  1711377288445.png
├── [1.3K]  LICENSE
├── [4.0K]  payload
│   ├── [  10]  script.bat
│   └── [  11]  test.txt
├── [ 556]  readme.md
├── [ 816]  README.md
└── [4.0K]  src
    ├── [ 441]  edit.py
    ├── [3.3K]  generate.py
    ├── [4.1K]  httpserver.py
    ├── [   0]  __init__.py
    ├── [4.0K]  lib
    │   ├── [ 181]  check_file.py
    │   ├── [1.2K]  colorprint.py
    │   └── [4.0K]  __pycache__
    │       └── [2.6K]  colorprint.cpython-311.pyc
    ├── [4.0K]  __pycache__
    │   ├── [ 943]  editconf.cpython-311.pyc
    │   ├── [1.0K]  edit.cpython-311.pyc
    │   ├── [5.5K]  generate.cpython-311.pyc
    │   ├── [7.1K]  httpserver.cpython-311.pyc
    │   ├── [ 182]  __init__.cpython-311.pyc
    │   ├── [6.7K]  sendemail.cpython-311.pyc
    │   └── [ 14K]  termial.cpython-311.pyc
    ├── [3.3K]  sendemail.py
    └── [ 10K]  termial.py

17 directories, 50 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!