Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-8088 PoC — WinRAR 安全漏洞

Source
https://github.com/jordan922/CVE-2025-8088
Associated Vulnerability
Title:WinRAR 安全漏洞 (CVE-2025-8088)
Description:WinRAR是WinRAR公司的一款文件压缩器。该产品支持RAR、ZIP等格式文件的压缩和解压等。 WinRAR存在安全漏洞,该漏洞源于路径遍历问题,可能导致任意代码执行。
Description
Python tool for safe archive handling, path traversal awareness, and secure extraction. Inspired by CVE-2025-8088.
Readme
# CVE-2025-8088
Python tool for safe archive handling, path traversal awareness, and secure extraction. Inspired by CVE-2025-8088.



Safe Archive Handling PoC

Educational blue-team tool inspired by path traversal issues such as CVE-2025-8088.
This script helps detect and safely handle dangerous archive entries without creating or deploying any malicious payloads.

Features

	•	Harmless ZIP traversal simulation — build ZIP files that store a benign file under a traversal path (for training/testing).
 
	•	Archive auditing — scan ZIP and RAR files for suspicious paths before extraction.
 
	•	Safe extraction — extract only trusted entries, blocking potential traversal or absolute-path exploits.

Why This Matters

Path traversal in archive files can allow attackers to drop files outside the intended extraction folder, sometimes into sensitive locations such as startup folders or system directories.
This project demonstrates the concept safely and provides defensive tools to handle untrusted archives.

Installation

Requires Python 3.7+

||| pip install rarfile

For RAR auditing, you must also install an UnRAR backend on your OS.



Usage

1. Build a harmless ZIP with a traversal path

   python CVE-2025-8088.py -p "C:\Windows\System32\calc.exe" -o "C:\lab\malicious_calc.rar"

   ⚠️ Only open the generated ZIP in a safe test environment.

   
python safe_traversal_poc.py audit suspicious.rar

2. Audit an archive

   python safe_extract.py audit suspicious.rar

3. Safe extraction

python safe_traversal_poc.py extract-safe suspicious.zip safe_output

python safe_traversal_poc.py extract-safe suspicious.zip safe_output


[OK] docs/readme.txt
[!!] ../../AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup/file.exe
[SKIP] dangerous path in ZIP: ../../AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup/file.exe


Safety Notes

	•	This project does not create malicious files or weaponized RAR exploits.
 
	•	The traversal PoC uses only benign files you provide (e.g., calc.exe).
 
	•	Always test in an isolated lab environment.
File Snapshot

 [4.0K]  /data/pocs/6425af25e1b731766779378d5b2b529111b817cb
├── [1.6K]  CVE-2025-8088.py
├── [1.0K]  LICENSE
├── [2.0K]  README.md
└── [5.3K]  safe_extract.py

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.