Related vulnerability
Description
Python tool for safe archive handling, path traversal awareness, and secure extraction. Inspired by CVE-2025-8088.
Introduction
# CVE-2025-8088
Safe Archive Handling PoC
Educational blue-team tool inspired by path traversal issues such as CVE-2025-8088.
This script helps detect and safely handle dangerous archive entries without creating or deploying any malicious payloads.
Features
• Harmless ZIP traversal simulation — build ZIP files that store a benign file under a traversal path (for training/testing).
• Archive auditing — scan ZIP and RAR files for suspicious paths before extraction.
• Safe extraction — extract only trusted entries, blocking potential traversal or absolute-path exploits.
Why This Matters
Path traversal in archive files can allow attackers to drop files outside the intended extraction folder, sometimes into sensitive locations such as startup folders or system directories.
This project demonstrates the concept safely and provides defensive tools to handle untrusted archives.
Installation
Requires Python 3.7+
pip install rarfile
For RAR auditing, you must also install an UnRAR backend on your OS.
Usage
1. Build a harmless ZIP with a traversal path
python CVE-2025-8088.py -p "C:\Windows\System32\calc.exe" -o "C:\lab\malicious_calc.rar"
⚠️ Only open the generated ZIP in a safe test environment.
2. Audit an archive
python safe_traversal_poc.py audit suspicious.rar
python safe_extract.py audit suspicious.rar
3. Safe extraction
python safe_traversal_poc.py extract-safe suspicious.zip safe_output
[OK] docs/readme.txt
[!!] ../../AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup/file.exe
[SKIP] dangerous path in ZIP: ../../AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup/file.exe
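To make the audit and safe-extraction steps concrete, here is an added example that is not the repository's own code (the project's scripts CVE-2025-8088.py and safe_extract.py are not reproduced here). It builds a constructed in-memory ZIP containing one benign entry and three entries that would escape the extraction directory, audits it with the same [OK] / [!!] / [SKIP] labels as the usage output above, and extracts only the safe entries. The check is two-layered: a name-level rejection of absolute paths, drive letters and any ".." component, followed by a realpath containment check on the resolved target, so an entry that slips past the name check still cannot land outside the destination.

```python
from __future__ import annotations

import io
import os
import posixpath
import tempfile
import zipfile

# Constructed sample entries (assumption: these are not real archive contents).
# The only "payload" is harmless text, mirroring the project's benign-file approach.
SAMPLE_ENTRIES = {
    "docs/readme.txt": b"hello\n",
    "../../AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup/file.exe": b"text\n",
    "/etc/cron.d/entry": b"text\n",
    "C:\\Windows\\Temp\\x.txt": b"text\n",
}


def build_sample_zip() -> bytes:
    """Build an in-memory ZIP with the constructed entries (training input only)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in SAMPLE_ENTRIES.items():
            zf.writestr(name, data)  # names are stored verbatim, including '..' and '/'
    return buf.getvalue()


def is_dangerous_name(name: str) -> bool:
    """True if a member name could escape the extraction directory.

    Backslashes are normalised to '/', then the name is rejected if it is
    absolute, carries a drive letter, or contains any '..' path component.
    """
    normalised = name.replace("\\", "/")
    if normalised.startswith("/"):
        return True
    if len(normalised) > 1 and normalised[1] == ":":  # e.g. C:/...
        return True
    return ".." in normalised.split("/")


def audit_zip(zip_bytes: bytes) -> list[tuple[str, str]]:
    """Classify every member as 'OK' or '!!' without extracting anything."""
    results = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            label = "!!" if is_dangerous_name(info.filename) else "OK"
            results.append((label, info.filename))
    return results


def extract_safe(zip_bytes: bytes, dest: str) -> dict[str, list[str]]:
    """Extract only members whose resolved path stays inside dest."""
    dest_real = os.path.realpath(dest)
    written, skipped = [], []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            name = info.filename
            if is_dangerous_name(name):
                skipped.append(name)
                continue
            target = os.path.realpath(os.path.join(dest_real, posixpath.normpath(name)))
            # Second, filesystem-level check: the resolved target must be under dest.
            if os.path.commonpath([dest_real, target]) != dest_real:
                skipped.append(name)
                continue
            if name.endswith("/"):
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            written.append(name)
    return {"written": written, "skipped": skipped}


def run_demo() -> dict[str, object]:
    """Audit and safely extract the sample ZIP into a temporary directory."""
    data = build_sample_zip()
    audit = audit_zip(data)
    with tempfile.TemporaryDirectory() as tmp:
        report = extract_safe(data, tmp)
        readme_exists = os.path.isfile(os.path.join(tmp, "docs", "readme.txt"))
    return {"audit": audit, "report": report, "readme_exists": readme_exists}


if __name__ == "__main__":
    result = run_demo()
    for label, name in result["audit"]:
        print(f"[{label}] {name}")
    for name in result["report"]["skipped"]:
        print(f"[SKIP] dangerous path in ZIP: {name}")
    print("written:", result["report"]["written"])
```

The name-level check is deliberately conservative: it flags any ".." component rather than trying to decide whether "a/../b" would have resolved safely, which matches the project's policy of blocking suspicious paths outright. The realpath containment check is what protects against cases the string check does not anticipate, such as a destination that is itself a symlink.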
Safety Notes
• This project does not create malicious files or weaponized RAR exploits.
• The traversal PoC uses only benign files you provide (e.g., calc.exe).
• Always test in an isolated lab environment.
File snapshot
[4.0K] /data/pocs/6425af25e1b731766779378d5b2b529111b817cb
├── [1.6K] CVE-2025-8088.py
├── [1.0K] LICENSE
├── [2.0K] README.md
└── [5.3K] safe_extract.py
0 directories, 4 files
Notes
1. Prefer accessing the code through the original source.
2. If the source has been removed or cannot be reached, send an email to f.jinxu#gmail.com to request a local snapshot (replace # with @).
3. Shenlong has taken a snapshot of the POC code for you; to support long-term maintenance, please consider paying for the local POC. Thank you for your support.