CVE-2022-30333 PoC — UnRAR 路径遍历漏洞

Source

https://github.com/aslitsecurity/Zimbra-CVE-2022-30333

Associated Vulnerability

Title:UnRAR 路径遍历漏洞 (CVE-2022-30333)
Description:UnRAR是一个可解压rar后缀文件的命令。 UnRAR 6.12 之前版本存在安全漏洞，该漏洞源于允许在提取（也称为解包）操作期间目录遍历写入文件，如创建 ~/.ssh/authorized_keys 文件所示。

Description

Zimbra unrar vulnerability. Now there are already POC available, it is safe to release our POC.

Readme

# Zimbra-CVE-2022-30333
Zimbra unrar vulnerability. Now there are already POC available, it is safe to release our POC.

# CVE-2022-30333 Zimbra UNRAR vulnerability. Unrar till V 6.11 vulnerable. Make sure your .jsp shell is undetected. This exploit will work on zimbra installed on default path.
# Place your webshell in folder root_ver. Remove existing shell.jsp file. And then rar the root_ver folder. Not ZIP, only rar. Then  python CVE-2022-30333.py root_ver.rar output.rar. Output.rar is the file you need to send.

# Do not add more than 1 file on root_ver/ folder.
# It can take few minutes for the shell to be extracted, or sometimes email is delivered late. 
# Your shell will be extracted at domain.com/yourshellname.jsp

File Snapshot


 [4.0K]  /data/pocs/7f147259ff254396a37c0a972fce6b8eaf7ca144
├── [1.6K]  CVE-2022-30333_webroot.py
├── [ 732]  README.md
└── [4.0K]  root_ver
    └── [   1]  shell.jsp

1 directory, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!