lazy way to create CVE-2023-38831 winrar file for testing# winrar_CVE-2023-38831_lazy_poc
lazy way to create CVE-2023-38831 winrar file for testing
Article that mentioned this vuln and the sample: https://www.group-ib.com/blog/cve-2023-38831-winrar-zero-day/
version of winrar i was using is winrar 5.91.0
I took a malicious winrar file (049af32f678da5e344315ce46787e8fc https://gist.github.com/BoredHackerBlog/83cd5ca743189bf72b28ebaabe3c3df0) and removed all the included files besides the folder and main readme file
I created a new file with my command and added it to the ReadMe.txt folder and renamed the file to 'ReadMe.txt .cmd.'
<img width="1059" alt="image" src="https://user-images.githubusercontent.com/38662926/263032549-9278c687-8e5c-4418-a4e8-f98ab4c2410a.png">
<img width="790" alt="image" src="https://user-images.githubusercontent.com/38662926/263032670-b5c4e640-ab4e-4a0f-a857-ac70e41aff67.png">
<img width="967" alt="image" src="https://user-images.githubusercontent.com/38662926/263032761-3e4fa265-2782-4664-b61b-c4d6df5eb35b.png">
'ReadMe.txt .cmd' works too, so does .bat, feel free to experiment
test.rar in this repo can be used for testing. It does not have the command file included. You'll have to add that on your own.
fyi: ideally, you don't want to use modified malicious files for testing. play with this in a sandbox or a VM...
[4.0K] /data/pocs/6c234f8fc592e0db1cac042e7e16c2386de7c444
├── [1.3K] README.md
└── [ 433] test.rar
0 directories, 2 files