CVE-2023-38831 PoC — WinRAR 安全漏洞

Source

https://github.com/Mich-ele/CVE-2023-38831-winrar

Associated Vulnerability

Title:WinRAR 安全漏洞 (CVE-2023-38831)
Description:WinRAR是一款文件压缩器。该产品支持RAR、ZIP等格式文件的压缩和解压等。 RARLabs WinRAR 6.23之前版本存在安全漏洞。攻击者利用该漏洞可以执行任意代码。

Description

CVE-2023-38831 winrar exploit builder

Readme

# CVE-2023-38831 Builder

Quick exploit builder for CVE-2023-38831, a vulnerability that affects WinRAR versions before 6.23.

I created this exploit builder mainly to learn rust language, so don't expect to find clean and optimized code.


![CMD](https://github.com/Mich-ele/CVE-2023-38831-winrar/blob/main/images/cmd.png?raw=true)

![Winrar](https://github.com/Mich-ele/CVE-2023-38831-winrar/blob/main/images/winrar.png?raw=true)


### Info about this vulnerability
https://www.group-ib.com/blog/cve-2023-38831-winrar-zero-day/

File Snapshot


 [4.0K]  /data/pocs/ef949bdcf99cbaf0dead934330b9913f37910181
├── [ 191]  Cargo.toml
├── [4.0K]  images
│   ├── [140K]  cmd.png
│   └── [ 46K]  winrar.png
├── [ 469]  OUTPUT.rar
├── [ 530]  README.md
├── [ 144]  script.bat
├── [4.0K]  src
│   └── [4.0K]  main.rs
└── [  12]  test.txt

2 directories, 8 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!