CVE-2023-38831 PoC — WinRAR 安全漏洞

Source

https://github.com/Tolu12wani/Demonstration-of-CVE-2023-38831-via-Reverse-Shell-Execution

Associated Vulnerability

Title:WinRAR 安全漏洞 (CVE-2023-38831)
Description:WinRAR是一款文件压缩器。该产品支持RAR、ZIP等格式文件的压缩和解压等。 RARLabs WinRAR 6.23之前版本存在安全漏洞。攻击者利用该漏洞可以执行任意代码。

Description

This project demonstrates a simulated exploitation of the WinRAR vulnerability CVE-2023-38831 to execute a reverse shell. The purpose of this task was to showcase how attackers can weaponize compressed archive files to gain remote access to a target machine.

Readme

# CVE-2023-38831 Reverse Shell Demonstration

This repository contains a PDF summary and screenshots of a lab-based demonstration of CVE-2023-38831. The vulnerability allows attackers to embed and execute malicious payloads in compressed files. In this case, the payload triggers a reverse shell.

## What's Inside:
- summary_report.pdf: A detailed explanation of the lab process
- /screenshots: Visual proof of steps and outcome

## Note:
- This repository does NOT contain any executable code or malware.
- All actions were performed for educational purposes in an isolated environment.

File Snapshot


 [4.0K]  /data/pocs/86498d6939f52f6ec6d7a881286600adbf206766
├── [2.7K]  CVE-2023-38831_Exploit_Report.pdf
├── [ 589]  README.md
├── [136K]  Screenshot 2025-08-03 224934.png
└── [304K]  Screenshot 2025-08-03 230300.png

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!