CVE-2023-38831 PoC — WinRAR 安全漏洞

Source

https://github.com/Fa1c0n35/CVE-2023-38831-winrar-exploit

Associated Vulnerability

Title:WinRAR 安全漏洞 (CVE-2023-38831)
Description:WinRAR是一款文件压缩器。该产品支持RAR、ZIP等格式文件的压缩和解压等。 RARLabs WinRAR 6.23之前版本存在安全漏洞。攻击者利用该漏洞可以执行任意代码。

Readme


# CVE-2023-38831 winrar exploit generator

## Quick poc test

Generate the default poc for test

```
python cve-2023-38831-exp-gen.py poc
or
python cve-2023-38831-exp-gen.py CLASSIFIED_DOCUMENTS.pdf script.bat  poc.rar
```

## Custom

1. Place the bait file and (evil) script file in the current directory, the bait file is recommended to be an image (.png, jpg) or a document (.pdf)
2. Run `python cve-2023-38831-exp-gen.py <bait name> <script name> <output name>` to generate your exploit


## Screenshots

Infected version: winrar <= 6.22

![demo](./demo.png)

## Analysis Blog

https://b1tg.github.io/post/cve-2023-38831-winrar-analysis/

## Reference

https://www.group-ib.com/blog/cve-2023-38831-winrar-zero-day/

File Snapshot


 [4.0K]  /data/pocs/310edfa1038a82d01e7d2f3799bb3c6e70809c5b
├── [180K]  CLASSIFIED_DOCUMENTS.pdf
├── [1.5K]  cve-2023-38831-exp-gen.py
├── [175K]  CVE-2023-38831-poc.rar
├── [199K]  demo.png
├── [ 720]  README.md
└── [  36]  script.bat

0 directories, 6 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!