PoC details: a3315cbd2068a682ded052d6522733a6e53a624f

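Source
Related vulnerability
Title: WinRAR security vulnerability (CVE-2025-8088)
Description: WinRAR is a file archiver from the WinRAR company. The product supports compressing and extracting RAR, ZIP and other archive formats. WinRAR contains a security vulnerability that stems from a path traversal issue and may lead to arbitrary code execution.
Description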
Advanced WinRAR Path Traversal Exploit Tool for CVE-2025-8088
Introduction
# CVE-2025-8088 WinRAR Exploit

> **Advanced WinRAR Path Traversal Exploit Tool**

A sophisticated GUI tool for creating malicious RAR archives that exploit the WinRAR path traversal vulnerability (CVE-2025-8088) using ADS and RAR5 header manipulation.

## Features

- **ADS Exploitation** - NTFS Alternate Data Streams for payload hiding
- **RAR5 Header Manipulation** - Direct header patching for path injection
- **GUI Interface** - Clean, modern user interface
- **Startup Targeting** - Automatic payload placement in Windows startup
- **Custom Decoy Support** - Use your own decoy files or default

## Requirements

- Python 3.6+
- WinRAR CLI
- customtkinter

## Quick Start

```bash
# Install dependencies
pip install -r requirements.txt

# Run the tool
python gui.py
```

## Usage

1. **Select Payload** - Choose your executable file (.exe, .bat, etc.)
2. **Choose Decoy** - Select a decoy file or leave empty for default
3. **Name Archive** - Enter output RAR filename
4. **Build** - Generate the exploit archive

## How It Works

The tool creates RAR archives with path traversal using:

1. **ADS Creation** - Hides payload in NTFS alternate data streams
2. **RAR Building** - Creates base RAR with ADS using WinRAR CLI
3. **Header Patching** - Injects traversal path into RAR5 headers
4. **CRC Recalculation** - Ensures archive integrity
5. **Output** - Delivers malicious RAR ready for extraction

**Path Example**: `..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\payload.exe`
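
A defender-side check for the pattern described above, added here and not part of the tool or its README: it takes entry or stream names already read from an archive (by whatever parser you use) and reports why each would be unsafe to extract under a chosen destination. The function name, reason labels, destination and sample names are hypothetical; the first sample has the shape of the path example above.

```python
import ntpath  # Windows path rules, usable on any OS
import re

STARTUP_DIR = r"\start menu\programs\startup"

def assess_entry(dest, name):
    """Return the reasons a stored entry/stream name must not be extracted under dest."""
    reasons = []
    norm = name.replace("/", "\\")          # treat both separators alike
    if ".." in norm.split("\\"):
        reasons.append("traversal")
    has_drive = re.match(r"^[A-Za-z]:", norm) is not None
    if has_drive or norm.startswith("\\"):
        reasons.append("absolute")
    # A colon anywhere past a drive prefix names an NTFS alternate data stream.
    if ":" in (norm[2:] if has_drive else norm):
        reasons.append("ads")
    # Resolve the name the way extraction would, then confirm it stays under dest.
    root = ntpath.normpath(dest)
    target = ntpath.normpath(ntpath.join(root, norm))
    try:
        inside = ntpath.commonpath([root, target]).lower() == root.lower()
    except ValueError:                      # e.g. the name points at another drive
        inside = False
    if not inside:
        reasons.append("escapes-destination")
    if STARTUP_DIR in ntpath.dirname(target).lower():
        reasons.append("startup-folder")
    return reasons

# Constructed sample input: a hypothetical destination and entry names.
DEST = r"C:\Users\alice\Downloads\out"
SAMPLES = [
    "..\\" * 16 + r"Users\Administrator\AppData\Roaming\Microsoft\Windows"
                  r"\Start Menu\Programs\Startup\payload.exe",
    "decoy.txt:payload.exe",
    r"docs\report.pdf",
]

if __name__ == "__main__":
    for entry in SAMPLES:
        verdict = assess_entry(DEST, entry)
        print("BLOCK" if verdict else "ok   ", verdict, entry[-40:])
```

Run it against names from a quarantined archive before extraction; any non-empty result is a reason to reject the archive rather than sanitize the name.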

## Disclaimer

This tool is for **educational and authorized testing purposes only**. Use only in controlled environments with proper consent.

## Author

**Made by [@tcixt](https://t.me/tcixt) on Telegram**

---

*Advanced red team tool for CVE-2025-8088 exploitation*

File snapshot

```
[4.0K] /data/pocs/a3315cbd2068a682ded052d6522733a6e53a624f
├── [9.2K] exploit_core.py
├── [5.2K] gui.py
├── [4.0K] output
│   └── [ 32] README.md
├── [1.8K] README.md
└── [ 21] requirements.txt

1 directory, 5 files
```