CVE-2023-38831 PoC — WinRAR 安全漏洞

Source

https://github.com/K3rnel-Dev/WinrarExploit

Associated Vulnerability

Title:WinRAR 安全漏洞 (CVE-2023-38831)
Description:RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.

Description

CVE-2023-38831-WINRAR-EXPLOIT GENERATOR

Readme

# WinrarExploit CVE-2023-38831
![Banner](https://github.com/K3rnel-Dev/WinrarExploit/blob/main/screen.png)
![Python](https://img.shields.io/badge/Language-Python-blue?style=for-the-badge&logo=python)

## How to use?
- Execute script with commands
<strong>
<br>
pip install colorama<br>


windows:<br>
python winrar_exploit.py <bait-file(example: any .pdf file and other) <executable script> <OUTPUT_ARCHIVE_NAME><br>


macos-linux and other:<br>
python3 winrar_exploit.py <bait-file(example: any .pdf file and other) <executable script> <OUTPUT_ARCHIVE_NAME><br>
</strong>

File Snapshot


 [4.0K]  /data/pocs/d8d728462d28f95d5bd0cf59aed63cb10eed0e73
├── [175K]  CVE-2023-38831-poc.rar
├── [ 575]  README.md
├── [ 44K]  rick.pdf
├── [3.0M]  screen.png
├── [  61]  script.bat
└── [5.9K]  winrar_exploit.py

0 directories, 6 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!