## https://sploitus.com/exploit?id=78E2CE31-2D13-5B9C-8A1A-14F3BAD5A83F
# CVE-2023-38831-winrar-expoit-simple-Poc
## Very important
I hope you see this link first [https://github.com/b1tg/CVE-2023-38831-winrar-exploit]
I did not write the full exploit. *He wrote the exploit*. [https://github.com/b1tg]
All he did was modify something simple to get a Reverse Shell through the script.bat file
## How To Run
`python cve-2023-38831-exp-gen.py <file name pdf,png,jpg> <script.bat> <output file name>`
*Don't forget change value ip and port*
use any file pdf , png or jpg
### POC File .pdf
https://github.com/my-elliot/CVE-2023-38831-winrar-expoit-simple-Poc/assets/64432235/052eac7c-d25f-4873-af68-3bbfbf7e4cce
### POC File .png
*Don't forget change file name in **script.bat***
https://github.com/my-elliot/CVE-2023-38831-winrar-expoit-simple-Poc/assets/64432235/36a8be86-f495-4ee6-a2df-f6b7b77910c0
# Reference
https://www.group-ib.com/blog/cve-2023-38831-winrar-zero-day/
https://thehackernews.com/2023/08/winrar-security-flaw-exploited-in-zero.html
https://github.com/b1tg/CVE-2023-38831-winrar-exploit