CVE-2023-38831
Description
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.
Severity: HIGH
CVE ID: CVE-2023-38831
CVSS Score: 7.8
CVSS Metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Proof Of Concept
BoredHackerBlog
lazy way to create CVE-2023-38831 winrar file for testing
Refrence: GitHub
b1tg
CVE-2023-38831 winrar exploit generator
Refrence: GitHub
IR-HuntGuardians
Refrence: GitHub
Garck3h
一款用于生成winrar程序RCE(即cve-2023-38831)的POC的工具。
Refrence: GitHub
ignis-sec
An easy to install and easy to run tool for generating exploit payloads for CVE-2023-38831, WinRAR RCE before versions 6.23
Refrence: GitHub
HDCE-inc
CVE-2023-38831 PoC (Proof Of Concept)
Refrence: GitHub
Maalfer
Pasos necesarios para obtener una reverse shell explotando la vulnerabilidad de winrar CVE-2023-38831 en versiones anteriores a 6.23.
Refrence: GitHub
knight0x07
Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)
Refrence: GitHub
akhomlyuk
CVE-2023-38831 WinRAR
Refrence: GitHub
PascalAsch
KQL Hunting for WinRAR CVE-2023-38831
Refrence: GitHub
ahmed-fa7im
CVE-2023-38831 winrar exploit generator and get reverse shell
Refrence: GitHub
thegr1ffyn
Proof of Concept (POC) for CVE-2023-38831 WinRAR
Refrence: GitHub
MortySecurity
This repository has both an attack detection tool and a Proof-of-Concept (PoC) Python script for the WinRAR CVE-2023-38831 vulnerability.
Refrence: GitHub
nhman-python
winrar exploit 6.22 <=
Refrence: GitHub
z3r0sw0rd
Proof-of-Concept for CVE-2023-38831 Zero-Day vulnerability in WinRAR
Refrence: GitHub
BeniB3astt
Refrence: GitHub
MorDavid
This is a POC for the CVE-2023-3883 exploit targeting WinRAR up to 6.22. Modified some existing internet-sourced POCs by introducing greater dynamism and incorporated additional try-except blocks within the code.
Refrence: GitHub
Mich-ele
CVE-2023-38831 winrar exploit builder
Refrence: GitHub
asepsaepdin
Refrence: GitHub
K3rnel-Dev
CVE-2023-38831-WINRAR-EXPLOIT GENERATOR
Refrence: GitHub
Fa1c0n35
Refrence: GitHub
xaitax
This module exploits a vulnerability in WinRAR (CVE-2023-38831). When a user opens a crafted RAR file and its embedded document, a script is executed, leading to code execution.
Refrence: GitHub
GOTonyGO
Quick exploit builder for CVE-2023-38831, a vulnerability that affects WinRAR versions before 6.23.
Refrence: GitHub
Malwareman007
CVE-2023-38831 WinRaR Exploit Generator
Refrence: GitHub
ameerpornillos
Proof of concept (PoC) exploit for WinRAR vulnerability (CVE-2023-38831) vulnerability
Refrence: GitHub
IMHarman
Refrence: GitHub
an040702
Refrence: GitHub
elefantesagradodeluzinfinita
DR. GANDALF: Aplicacion DESKTOP para WINDOWS, Inyector de archivos ZIP, generador de exploits para vulnerabilidad de WinRAR 6.22 y anteriores.
Refrence: GitHub
malvika-thakur
Proof-of-Concept (POC) of CVE-2023-38831 Zero-Day vulnerability in WinRAR
Refrence: GitHub
ruycr4ft
Refrence: GitHub
Nielk74
Refrence: GitHub
kehrijksen
CVE-2023-38831 is an RCE in WinRAR (<6.23)
Refrence: GitHub
h3xecute
SideCopy APT Group exploits CVE-2023-38831
Refrence: GitHub
s4m98
WinRAR cve-2023-38831-poc-generator
Refrence: GitHub
xk-mt
WinRAR-6.22、CVE-2023-38831、CNNVD-202308-1943、DM-202307-003730、QVD-2023-19572漏洞复现
Refrence: GitHub
MyStuffYT
Proof-of-concept of CVE-2023-38831
Refrence: GitHub
80r1ng
Refrence: GitHub
SpamixOfficial
CVE-2023-38831 Proof-of-concept code
Refrence: GitHub
r1yaz
Exploit Development using python for CVE-2023-38831 (POC)
Refrence: GitHub
youmulijiang
evil-winrar,CVE-2023-38831漏洞利用和社会工程学攻击框架 (evil-winrar, CVE-2023-38831 Vulnerability Exploitation and Social Engineering Attack Framework)
Refrence: GitHub
solomon12354
This is my malware
Refrence: GitHub
RomainBayle08
Refrence: GitHub
Content on GitHub
SugiB3o | watchers:2
Keylog_CVE2023-38831
Refrence: GitHub