Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-38831 PoC — WinRAR 安全漏洞

Source
https://github.com/s4m98/winrar-cve-2023-38831-poc-gen
Associated Vulnerability
Title:WinRAR 安全漏洞 (CVE-2023-38831)
Description:WinRAR是一款文件压缩器。该产品支持RAR、ZIP等格式文件的压缩和解压等。 RARLabs WinRAR 6.23之前版本存在安全漏洞。攻击者利用该漏洞可以执行任意代码。
Description
WinRAR cve-2023-38831-poc-generator
Readme
# CVE-2023-38831 Exploit Generator

This tool is a Python script that exploits a vulnerability in the RAR file format (CVE-2023-38831) to execute a malicious command when a user opens a bait file. The exploit works on WinRAR versions before 6.23. For Example 6.22, 6.21, 6.20 or above.

## Requirements

- Python or python3


## Usage

There are two ways to use this tool:

- To generate a proof-of-concept exploit, run the script with the argument `poc`:

`python .\cve-2023-38831-exp-gen.py poc`

This will create a file named `CVE-2023-38831-poc.rar` that contains a fake PDF file named `CLASSIFIED_DOCUMENTS.pdf` and a batch file named `script.bat`. The batch file will run a simple command to open a calculator when the user opens the PDF file.

- To generate a custom exploit, run the script with three arguments: `<ANY_PDF/PNG/JPG_FILE> <SCRIPT_NAME> <OUTPUT_NAME>`:

`python .\cve-2023-38831-exp-gen.py <ANY_PDF/PNG_FILE> <SCRIPT_NAME> <OUTPUT_NAME>`

`python cve-2023-38831-exp-gen.py CLASSIFIED_DOCUMENTS.pdf script.bat  poc.rar`

This will create a file named `<OUTPUT_NAME>` that contains a fake file named `<ANY_PDF/PNG/JPG_FILE>` and a batch file named `<SCRIPT_NAME>`. The batch file will run the command that you have written in it when the user opens the fake file.

For example, if you want to create an exploit that contains a fake PNG/JPG file named `cute-cat.png` and a batch file named `script.bat` that runs a PowerShell command to download and execute a malicious payload from a remote server, you can run the script like this:

`python .\cve-2023-38831-exp-gen.py cute-cat.png script.bat evil.rar`

## Disclaimer

This tool is for educational and research purposes only. Do not use it for any illegal or unethical purposes. I do not condone or support any malicious activities. Use it at your own risk and responsibility. I am not responsible for any damage or harm caused by this tool.
File Snapshot

 [4.0K]  /data/pocs/8f099a99f88819b8e76556f8ced5ceae2affcd4f
├── [411K]  CLASSIFIED_DOCUMENTS.pdf
├── [312K]  cute-cat.png
├── [2.2K]  cve-2023-38831-exp-gen.py
├── [1.9K]  README.md
└── [  28]  script.bat

0 directories, 5 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.