Skip to content
/ CVE-2023-40477 Public
forked from whalersplonk/CVE-2023-40477

POC WinRAR vulnerable to remote code execution,

1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

fatmeat/CVE-2023-40477

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
README.md
README.md
 
 
poc.py
poc.py
 
 

Repository files navigation

CVE-2023-40477

POC WinRAR vulnerable to remote code execution,
A widely used Windows-only utility, WinRAR can create and extract file archives in various compression formats (RAR, ZIP, CAB, ARJ, LZH, TAR, GZip, UUE, ISO, BZIP2, Z and 7-Zip).
CVE-2023-40477 is a remote code execution vulnerability that could allow remote threat actors to execute arbitrary code on an affected WinRAR installation.

Usage

Create "test.rar" and place in same directory as poc.py.
Put any files u want inside "test.rar".
Execute command: poc.py -c CMD COMMAND TO EXECUTE
Done ! Now after someone open any file inside .rar file will execute that command hiddenly.

VIDEO:
https://streamable.com/nx20wk

About

POC WinRAR vulnerable to remote code execution,

Resources

Readme
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%