Free

CVE Series: WinRar Vulnerability (CVE-2023-38831)

WinRAR, a popular 1990s file archiver still used by 500 million users worldwide, suffers from a high severity Remote Code Execution (RCE) vulnerability. In this course you’ll be putting on your Red Team hat to create your own malicious file and gain control of the victim’s computer by leveraging this CVE!
Time: 1 15 M
Difficulty: intermediate
CEU/CPE: 1

Course Description

WinRAR, a popular 1990s file archiver still used by 500 million users worldwide, suffers from a high severity Remote Code Execution (RCE) vulnerability that was reported in August of 2023. CVE-2023-38831 affects WinRAR versions below 6.23 and is an RCE vulnerability that allows attackers to execute arbitrary code when a victim clicks what they think is a benign file, like a PDF or text file, within a ZIP archive. Attackers began exploiting this vulnerability in the wild in April 2023 through various cryptocurrency trading forums to install malware on victim systems. In this course you’ll be putting on your Red Team hat to create your own malicious file and gain control of the victim’s computer by leveraging this CVE!

Target Audience

This course is for seasoned red teamers, penetration testers, security and vulnerability assessment analysts, and system administrators who want to know how to exploit and protect against the latest vulnerabilities impacting enterprise systems.

Course Level

Intermediate

Prerequisites

Linux command line basics and familiarity with PowerShell Empire.

Helpful Links

  • Exploit Code: [https://github.com/b1tg/CVE-2023-38831-winrar-exploit](https://github.com/b1tg/CVE-2023-38831-winrar-exploit)
  • CVE Entry: [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38831](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38831) (Official CVE)
  • Group-IB Threat Intelligence Analysis: [https://www.group-ib.com/blog/cve-2023-38831-winrar-zero-day/](https://www.group-ib.com/blog/cve-2023-38831-winrar-zero-day/)
  • Metasploit Module: [https://packetstormsecurity.com/files/174573/WinRAR-Remote-Code-Execution.html](https://packetstormsecurity.com/files/174573/WinRAR-Remote-Code-Execution.html)
  • Official WinRAR Update Notes: [https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=232&cHash=c5bf79590657e32554c6683296a8e8aa](https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=232&cHash=c5bf79590657e32554c6683296a8e8aa)
  • McAfee Blog: [https://www.mcafee.com/blogs/other-blogs/mcafee-labs/exploring-winrar-vulnerability-cve-2023-38831/](https://www.mcafee.com/blogs/other-blogs/mcafee-labs/exploring-winrar-vulnerability-cve-2023-38831/)

    Instructed by

    Senior Instructor
    Clint Kehr

    Clint is a technical manager for a financial services company’s Responsible Disclosure Team, where he interacts with ethical hackers who find vulnerabilities in the company’s infrastructure. Clint is a former Special Agent with the Department of Justice where he specialized in internet investigations and conducted numerous cases on cyber threat actors on the surface, deep, and dark web, resulting in Clint earning the Attorney General’s Distinguished Service Award. Clint has trained over 1,000 law enforcement officers, prosecutors, and civilians on the dark web and dark market websites. Clint has a master’s degree in intelligence studies from American Military University where he graduated with honors and also has a master’s degree in Information Technology from Carnegie Mellon University where he graduated with highest distinction. As a former Navy Reserve Officer, Clint served in many roles, such as a division officer and department head for commands in the information warfare community.

    Provider
    Cybrary
    Certification Body
    Certificate of Completion

    Complete this entire course to earn a CVE Series: WinRar Vulnerability (CVE-2023-38831) Certificate of Completion.