POC详情: df30105426ffa3d9fb073d44d37eacf250deafa8

来源
https://github.com/nyra-workspace/CVE-2025-8088
关联漏洞
标题: WinRAR 安全漏洞 (CVE-2025-8088)
描述:WinRAR是WinRAR公司的一款文件压缩器。该产品支持RAR、ZIP等格式文件的压缩和解压等。 WinRAR存在安全漏洞,该漏洞源于路径遍历问题,可能导致任意代码执行。
介绍
# WinRAR CVE-2025-8088: Exploiting the Vulnerability

This readme provides a proof of concept (PoC) for exploiting CVE-2025-8088 in WinRAR. The vulnerability allows an attacker to change the executable file that gets run when a user interacts with a .ZIP file through WinRAR.

## Overview

The exploit involves modifying a specific registry key to point to a different executable. This can be used to run arbitrary commands or execute malicious code.

## Prerequisites

- Windows operating system
- Administrative privileges
- WinRAR installed

## Exploit Details

The vulnerable registry key is located at:
HKEY_CLASSES_ROOT\WinRAR.ZIP\shell\open\command

By modifying this key, an attacker can change the command that is executed when a .ZIP file is opened with WinRAR.
文件快照

 [4.0K]  /data/pocs/df30105426ffa3d9fb073d44d37eacf250deafa8
└── [ 772]  README.md

0 directories, 1 file
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。