POC details: c6b371a8f61653520a7b4cf97f841e7ab0616121

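Source
Related vulnerability
Title: WinRAR security vulnerability (CVE-2025-8088)
Description: WinRAR is a file archiver from the WinRAR company. The product supports compressing and extracting files in RAR, ZIP and other formats. WinRAR contains a security vulnerability that stems from a path traversal issue and may lead to arbitrary code execution.
Introduction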
#  CVE-2025-8088 WinRAR Exploit
```
  _  _ _____  _____ ___ ___ 
 | || | __\ \/ / __| __/ __|
 | __ | _| >  <\__ \ _| (__ 
 |_||_|___/_/\_\___/___\___|
```

> **Advanced WinRAR Path Traversal Exploit Tool**

A sophisticated GUI tool for creating malicious RAR archives that exploit the WinRAR path traversal vulnerability (CVE-2025-8088) using ADS and RAR5 header manipulation.

##  Features

- **ADS Exploitation** - NTFS Alternate Data Streams for payload hiding
- **RAR5 Header Manipulation** - Direct header patching for path injection  
- **GUI Interface** - Clean, modern user interface
- **Startup Targeting** - Automatic payload placement in Windows startup
- **Custom Decoy Support** - Use your own decoy files or default

##  Requirements

- Python 3.6+
- WinRAR CLI
- customtkinter

##  Quick Start

```bash
# Install dependencies
pip install -r requirements.txt

# Run the tool
python gui.py
```

##  Usage

1. **Select Payload** - Choose your executable file (.exe, .bat, etc.)
2. **Choose Decoy** - Select a decoy file or leave empty for default
3. **Name Archive** - Enter output RAR filename
4. **Build** - Generate the exploit archive

## 🖼️ UI Preview

Screenshot of the tool running in Windows 11:

![exploit GUI](img/exploit.jpg)

## 🖼️ POC Exploit

![exploit POC](img/demo.gif)

##  How It Works

The tool creates RAR archives with path traversal using:

1. **ADS Creation** - Hides payload in NTFS alternate data streams
2. **RAR Building** - Creates base RAR with ADS using WinRAR CLI
3. **Header Patching** - Injects traversal path into RAR5 headers
4. **CRC Recalculation** - Ensures archive integrity
5. **Output** - Delivers malicious RAR ready for extraction

**Path Example**: `..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\payload.exe`
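
A defender-side check for the entry names described above (traversal sequences, ADS stream names, Startup-folder targets), added here as an example and not taken from this tool's code. `check_entry`, `scan`, the reason labels and the `C:\extract` destination are assumptions, and the entry names are expected to come from whatever archive lister you already use.

```python
import ntpath  # Windows path rules, usable on any host OS

STARTUP = "\\start menu\\programs\\startup\\"

def check_entry(name, dest="C:\\extract"):
    """Return the reasons an archive entry name is unsafe to extract under dest."""
    reasons = []
    win_name = name.replace("/", "\\")  # Windows accepts both separators
    drive, rest = ntpath.splitdrive(win_name)
    if drive or rest.startswith("\\"):
        reasons.append("absolute-path")
    # A ':' left after the drive prefix is the NTFS stream separator (ADS).
    if ":" in rest:
        reasons.append("ads-stream")
    # Resolve '..' lexically for the file part and each stream part, then
    # require the result to stay under the extraction root.
    root = ntpath.normpath(dest)
    for part in rest.split(":"):
        target = ntpath.normpath(ntpath.join(root, part.lstrip("\\")))
        if target != root and not target.lower().startswith(root.lower() + "\\"):
            reasons.append("escapes-destination")
            break
    if STARTUP in ("\\" + rest.lower()):
        reasons.append("targets-startup-folder")
    return reasons

# Constructed entry names; the last one follows the README's path example.
SAMPLES = [
    "docs\\readme.txt",
    "docs/../notes.txt",
    "report.pdf:hidden.exe",
    "..\\" * 16 + "Users\\Administrator\\AppData\\Roaming\\Microsoft\\Windows"
    "\\Start Menu\\Programs\\Startup\\payload.exe",
]

def scan(names, dest="C:\\extract"):
    """Map each flagged entry name to its reasons; clean names are omitted."""
    return {n: r for n in names if (r := check_entry(n, dest))}

if __name__ == "__main__":
    for entry, why in scan(SAMPLES).items():
        print(f"BLOCK {entry!r}: {', '.join(why)}")
```

The check is purely lexical, so it can run on a mail gateway or upload filter before any file is written to disk.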

##  Disclaimer

This tool is for **educational and authorized testing purposes only**. Use only in controlled environments with proper consent.

---

## 👤 Author

Made with ❤️ by **Hexec**  
For educational & research purposes.

---


*Advanced red team tool for CVE-2025-8088 exploitation* 



File snapshot

```
[4.0K] /data/pocs/c6b371a8f61653520a7b4cf97f841e7ab0616121
├── [9.3K] exploit_core.py
├── [5.8K] gui.py
├── [4.0K] img
│   ├── [789K] demo.gif
│   └── [ 78K] exploit.jpg
├── [4.0K] output
│   └── [ 32] README.md
├── [2.9K] README.md
└── [ 21] requirements.txt

2 directories, 7 files
```