50 matches found
CVE-2023-38831
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file such as an ordinary .JPG file and also a folder that has the same name as the benign file, and the...
Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar
CVE-2023-38831 Exploit Proof-of-Concept Overview This rep...
Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar
Description Name : CVE-2023-38831 CVSS Score : 7.8...
Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar
CVE-2023-38831 WinRAR Exploit Generator Created by: tech...
Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus
A hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia and Belarus. "Head Mare uses more up-to-date methods for obtaining initial access," Kaspersky said in a Monday analysis of the group's tactics and tools. "For instance, t...
Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar
CVE-2023-38831 A POC demo on CVE-2023-38831 Brief description...
FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine
Cloudflare on Thursday said it took steps to disrupt a month-long phishing campaign orchestrated by a Russia-aligned threat actor called FlyingYeti targeting Ukraine. "The FlyingYeti campaign capitalized on anxiety over the potential loss of access to housing and utilities by enticing targets to...
Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability
Microsoft SmartScreen Prompt contains a security feature bypass vulnerability that allows an attacker to bypass the Mark of the Web MotW feature. This vulnerability can be chained with CVE-2023-38831 and CVE-2024-21412 to execute a malicious file...
Russia's APT28 Exploited Windows Print Spooler Flaw to Deploy 'GooseEgg' Malware
The Russia-linked nation-state threat actor tracked as APT28 weaponized a security flaw in the Microsoft Windows Print Spooler component to deliver a previously unknown custom malware called GooseEgg. The post-compromise tool, which is said to have been used since at least June 2020 and possibly ...
Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar
VolleyballSquid-----CVE-2023-38831-and-Bypass-UAC This is my...
WinRAR version 6.22 - Remote Code Execution via ZIP archive Exploit
Exploit Title : EXPLOIT WinRAR version 6.22 Vulnerability CVE-2023-38831 Author : E1.Coders Contact : E1.Coders at Mail dot RU Security Risk : High Description : All target's GOV & Military websites Expl0iTs: include include include include "zip.h" define PDFFILE "document.pdf" define FOLDERNAME...
WinRAR 6.22 Remote Code Execution
Exploit Title : EXPLOIT WinRAR version 6.22 Vulnerability CVE-2023-38831 Author : E1.Coders Contact : E1.Coders at Mail dot RU Security Risk : High Description : All target's GOV & Military websites Expl0iTs: include include include include "zip.h" define PDFFILE "document.pdf" define FOLDERNAME...
WinRAR version 6.22 - Remote Code Execution via ZIP archive
Exploit Title : EXPLOIT WinRAR version 6.22 Vulnerability CVE-2023-38831 Author : E1.Coders Contact : E1.Coders at Mail dot RU Security Risk : High Description : All target's GOV & Military websites Expl0iTs: include include include include "zip.h" define PDFFILE "document.pdf" define FOLDERNAME...
Russian APT28 Hackers Targeting High-Value Orgs with NTLM Relay Attacks
Russian state-sponsored actors have staged NT LAN Manager NTLM v2 hash relay attacks through various methods from April 2022 to November 2023, targeting high-value targets worldwide. The attacks, attributed to an "aggressive" hacking crew called APT28, have set their eyes on organizations dealing...
Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar
winDED Custom exploit for CVE-2023-38831 using python. Int...
UAC-0099 Using WinRAR Exploit to Target Ukrainian Firms with LONEPAGE Malware
The threat actor known as UAC-0099 has been linked to continued attacks aimed at Ukraine, some of which leverage a high-severity flaw in the WinRAR software to deliver a malware strain called LONEPAGE. "The threat actor targets Ukrainian employees working for companies outside of Ukraine,"...
Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar
CVE-2023-38831-POC Proof-of-conc...
Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw
A hacking group that leveraged a recently disclosed security flaw in the WinRAR software as a zero-day has now been categorized as an entirely new advanced persistent threat APT. Cybersecurity company NSFOCUS has described DarkCasino as an "economically motivated" actor that first came to light i...
CVE-2023-38831: Navigating the Threat Landscape of the Latest Security Vulnerability
CVE-2023-38831: Navigating the Threat Landscape of the Latest Security Vulnerability By Neeraj Kumar Singh · November 09, 2023 Executive Summary In August 2023, WinRAR released a security patch to address a remote code execution vulnerability in WinRAR's ZIP archive. The vulnerability, known as...
SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities
The Pakistan-linked threat actor known as SideCopy has been observed leveraging the recent WinRAR security vulnerability in its attacks targeting Indian government entities to deliver various remote access trojans such as AllaKore RAT, Ares RAT, and DRat. Enterprise security firm SEQRITE describe...