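PoC details: 375b860726930de0616b294911ddb85b08009b90

Source
Related vulnerability
Title: WinRAR security vulnerability (CVE-2023-38831)
Description: WinRAR is a file archiver. The product supports compressing and decompressing files in formats such as RAR and ZIP. RARLabs WinRAR versions before 6.23 contain a security vulnerability. An attacker can exploit this vulnerability to execute arbitrary code.
Introduction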
# CVE-2023-38831 Exploit Proof-of-Concept

## Overview

This repository contains a Python script that demonstrates a proof-of-concept (PoC) exploit for **CVE-2023-38831**. The exploit leverages a vulnerability in how WinRAR versions before 6.23 process archive contents to execute a reverse shell payload through a malicious RAR file.

> **Disclaimer:**  
> This project is intended for educational purposes and ethical security research only. Unauthorized use of this code to compromise systems or networks without prior consent is illegal and unethical. The author disclaims all responsibility for misuse.

---

## How It Works

The script automates the creation of a malicious RAR file that exploits the CVE-2023-38831 vulnerability. It embeds a Python reverse shell script into a crafted file structure that executes stealthily.

### Steps Performed:
1. Takes a **bait file** (non-suspicious file) and a **script file** (malicious payload) as input.
2. Creates a structured directory to hide the malicious payload.
3. Embeds a `VBScript` to execute the payload silently.
4. Crafts a RAR archive with manipulated file headers to bypass detection mechanisms.
5. Outputs the final exploit file.
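
From the defender's side, the directory structure built in steps 2 to 4 is what makes such an archive detectable: per the public CVE-2023-38831 description, the archive holds a benign file plus a folder with the same name. The check below is an added example, not part of this repository; it assumes the archive is a ZIP-format container readable by Python's `zipfile`, and `find_name_collisions`, `norm` and `build_sample` are hypothetical helper names.

```python
import io
import zipfile


def norm(part: str) -> str:
    # Compare names case-insensitively and without trailing spaces,
    # so "report.pdf " and "report.pdf" count as the same name.
    return part.rstrip(" ").lower()


def find_name_collisions(data: bytes) -> list[str]:
    """Return file entries whose name is also used as a folder in the archive."""
    files: dict[str, str] = {}
    dirs: set[str] = set()
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            raw = info.filename.replace("\\", "/")
            parts = [norm(p) for p in raw.split("/") if p]
            if not parts:
                continue
            # Every proper prefix of an entry path is a folder.
            for i in range(1, len(parts)):
                dirs.add("/".join(parts[:i]))
            key = "/".join(parts)
            if info.is_dir():
                dirs.add(key)
            else:
                files.setdefault(key, info.filename)
    return sorted(name for key, name in files.items() if key in dirs)


def build_sample(names: list[str]) -> bytes:
    # Constructed test input: harmless text entries only.
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in names:
            zf.writestr(name, b"constructed sample")
    return buf.getvalue()


if __name__ == "__main__":
    suspicious = build_sample(["report.pdf ", "report.pdf /inner.txt"])
    clean = build_sample(["docs/a.txt", "docs/b.txt"])
    print(find_name_collisions(suspicious))  # ['report.pdf ']
    print(find_name_collisions(clean))       # []
```

A non-empty result is a reason to quarantine the archive for review, not proof of exploitation; legitimate archives rarely reuse a file name as a folder name.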

---

## Requirements

- Python 3.6+
- WinRAR or compatible RAR processing software
- Ensure `shutil` and `os` modules are available (these are standard with Python).

---

## Usage

1. Clone this repository:
   ```bash
   git clone https://github.com/yourusername/CVE-2023-38831-POC.git
   cd CVE-2023-38831-POC
   ```

2. Prepare the following files:
   - **Bait file**: Any legitimate file (e.g., a harmless PDF or image).
   - **Script file**: A Python reverse shell or similar payload.

3. Run the script:
   ```bash
   python exploit.py
   ```

4. Provide the required inputs:
   - Name of the bait file.
   - Name of the malicious script.
   - Desired name for the output RAR file.

5. The exploit file will be generated in the current working directory.

---

## Example

```bash
$ python exploit.py
CVE-2023-38831 POC
-------------------------------
Enter the bait file name: document.pdf
Enter the script file name: reverse_shell.py
Enter the output RAR file name: malicious_payload
Exploit generated successfully as 'malicious_payload.rar'.
```

---

## Important Notes

- This script is a **proof of concept** and should be used only in controlled environments with explicit permission from the system owner.
- Avoid distributing or using the generated files outside ethical or educational contexts.
- The exploit relies on known behaviors of RAR processing utilities and may not work in all configurations.

---

## License

This project is licensed under the [MIT License](LICENSE).

---

## Author

- **Kunal Rajour**
- GitHub: [VictotiousKnight](https://github.com/VictotiousKnight)

---

**Reminder:** Misuse of this script can lead to severe legal consequences. Always follow ethical guidelines and obtain proper authorization.

---
File snapshot

```
[4.0K] /data/pocs/375b860726930de0616b294911ddb85b08009b90
├── [2.4K] exploit.py
├── [2.0K] listener.py
├── [2.9K] README.md
├── [   0] scholarship.pdf
└── [2.5K] shell.py

0 directories, 5 files
```