PoC details: 597e36067f6298cea0e8ef062f23fc015a641619

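Source
Related vulnerability
Title: rardecode security vulnerability (CVE-2025-11579)
Description: rardecode is a Go package for reading RAR files, written by individual developer Nicholas Waples. rardecode 2.1.1 and earlier contain a security vulnerability that stems from not restricting the dictionary size; an attacker can supply a specially crafted RAR file that exhausts memory and crashes the process.
Description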
Proof of Concept for CVE-2025-11579
Introduction
# PoC CVE-2025-11579

### Overview
rardecode versions `<= 2.1.1` do not restrict the dictionary size that a RAR file declares. An attacker can provide a specially crafted RAR file and cause Denial of Service via an out-of-memory crash.
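The missing restriction can be shown as a pre-allocation check. This is an added example, not code from the PoC repository or from rardecode, and it goes beyond the text by decoding the dictionary size from the RAR5 file-header compression-information field as laid out in the public RAR 5.0 format technote. The names `dictSize`, `checkDict` and `maxDict`, the 64 MiB cap, and the sample field values are assumptions made for illustration.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// maxDict is an assumed policy cap for untrusted archives, not a rardecode default.
const maxDict uint64 = 64 << 20 // 64 MiB

var (
	ErrDictTooLarge = errors.New("rar: declared dictionary exceeds limit")
	// Constructed sample fields (not taken from the PoC files).
	// version 1, method 3, exponent 16 (8 GiB) plus 24/32 of that = 14 GiB
	sampleBig = binary.AppendUvarint(nil, 1|3<<7|16<<10|24<<15)
	// version 0, method 3, exponent 5 = 4 MiB
	sampleSmall = binary.AppendUvarint(nil, 3<<7|5<<10)
)

// dictSize decodes the declared dictionary size from a compression-information value.
func dictSize(ci uint64) (uint64, error) {
	const base uint64 = 128 << 10 // exponent 0 means 128 KiB
	switch ci & 0x3f {            // mask 0x3f: compression algorithm version
	case 0: // RAR 5.0: 4-bit exponent, mask 0x3c00
		return base << ((ci >> 10) & 0x0f), nil
	case 1: // RAR 7.0: 5-bit exponent (0x7c00), fraction in 1/32 steps (0xf8000)
		size := base << ((ci >> 10) & 0x1f)
		return size + size/32*((ci>>15)&0x1f), nil
	}
	return 0, fmt.Errorf("rar: unknown compression version %d", ci&0x3f)
}

// checkDict rejects an oversized declaration before any window buffer is allocated.
func checkDict(field []byte, limit uint64) (uint64, error) {
	ci, n := binary.Uvarint(field) // RAR5 vint: 7 bits per byte, low bits first
	if n <= 0 {
		return 0, errors.New("rar: truncated compression info")
	}
	size, err := dictSize(ci)
	if err != nil {
		return 0, err
	}
	if size > limit {
		return size, fmt.Errorf("%w: %d > %d bytes", ErrDictTooLarge, size, limit)
	}
	return size, nil
}

func main() {
	fmt.Println(checkDict(sampleBig, maxDict))
	fmt.Println(checkDict(sampleSmall, maxDict))
}
```

The point of the check is ordering: the declared size is compared against a limit while it is still only a number read from the header, so a small file cannot force a multi-gigabyte allocation.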

### Exploit
We craft a RAR file that declares an artificially large dictionary size, causing the library to attempt massive memory allocations and then crash with an out-of-memory error.

### Exploit Steps
1. Use the `14Gb.rar` file and do `go run exploit.go`.
<img width="980" height="401" alt="proof" src="https://github.com/user-attachments/assets/44418ebc-6ca4-4324-aa43-08abdab8d842" />

2. Use the normal `simple.rar` provided and run the exploit. It is successfully extracted.
<img width="576" height="65" alt="proof2" src="https://github.com/user-attachments/assets/31e3f57b-505e-4db5-9925-dbec204f20d3" />
File snapshot

```
[4.0K] /data/pocs/597e36067f6298cea0e8ef062f23fc015a641619
├── [598K] 14Gb.rar
├── [1009] exploit.go
├── [  95] go.mod
├── [ 181] go.sum
├── [1.1K] LICENSE
├── [ 864] README.md
└── [  87] simple.rar

0 directories, 7 files
```