PoC details: 61ffdad0869bf8d57040e3c2163ca37e925cd292

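Source
Related vulnerability
Title: WinRAR security vulnerability (CVE-2023-38831)
Description: WinRAR is a file archiver. It supports compressing and decompressing files in formats such as RAR and ZIP. RARLabs WinRAR versions prior to 6.23 contain a security vulnerability. An attacker can exploit this vulnerability to execute arbitrary code.
Description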
SideCopy APT Group exploits CVE-2023-38831
Introduction
# SideCopy Exploits CVE-2023-38831

CVE-2023-38831 is a Remote Code Execution (RCE) vulnerability in WinRAR that impacts versions prior to 6.23. An attacker exploits it as follows: the malicious archive contains both a benign file and a folder with the same name as that file. Typically, this folder contains malware that is executed when the victim attempts to open the seemingly harmless file.

In this example RAR file, there is a benign PDF file, and inside the folder there is an executable file containing malware.

If the victim is using a WinRAR version prior to 6.23 and attempts to open the seemingly harmless PDF document, the malware will be executed.
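
On the defensive side, the layout described above can be checked before an archive is opened. The following Python check is an added example, not code from the original README: it flags archive listings in which one name is used both for a file and for a folder. The function names, the name normalization (case-insensitive, trailing whitespace ignored) and the sample listings are assumptions constructed for illustration.

```python
import zipfile


def _norm(part: str) -> str:
    # Assumption of this example: compare case-insensitively and ignore
    # trailing whitespace, so near-identical names count as the same name.
    return part.rstrip().casefold()


def find_name_collisions(entry_names):
    """Return sorted normalized paths used both as a file and as a folder."""
    files, folders = set(), set()
    for raw in entry_names:
        name = raw.replace("\\", "/")
        is_dir_entry = name.endswith("/")
        parts = [p for p in map(_norm, name.split("/")) if p]
        if not parts:
            continue
        # Every proper prefix of an entry path is implicitly a folder.
        for i in range(1, len(parts)):
            folders.add("/".join(parts[:i]))
        full = "/".join(parts)
        (folders if is_dir_entry else files).add(full)
    return sorted(files & folders)


def scan_zip(source):
    """Check a ZIP archive (path or file object) for file/folder collisions."""
    with zipfile.ZipFile(source) as zf:
        return find_name_collisions(zf.namelist())


# Constructed sample listings (not taken from any real archive).
SUSPICIOUS = ["invoice.pdf", "invoice.pdf/", "invoice.pdf/setup.exe"]
CLEAN = ["docs/", "docs/invoice.pdf", "docs/readme.txt"]

if __name__ == "__main__":
    for label, names in (("suspicious", SUSPICIOUS), ("clean", CLEAN)):
        hits = find_name_collisions(names)
        print(f"{label}: {'FLAG ' + ', '.join(hits) if hits else 'ok'}")
```

`scan_zip` reads ZIP archives only; for RAR files, pass the entry names from whichever archive lister is in use to `find_name_collisions`.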

## PoC Video:
[![SideCopy APT Exploits CVE-2023 38831 (Proof-of-Concept Video)](https://img.youtube.com/vi/nioUjywlg5c/0.jpg)](https://www.youtube.com/watch?v=nioUjywlg5c)
File snapshot

[4.0K] /data/pocs/61ffdad0869bf8d57040e3c2163ca37e925cd292
└── [ 869] README.md

0 directories, 1 file