CVE-2025-8088
HIGH KEV RANSOMWARE
WinRAR < 7.13 - Path Traversal and Arbitrary Code Execution via Malicious Archive
Title source: llm
Exploitation Summary
CVE-2025-8088 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added August 12, 2025, with confirmed use in ransomware campaigns. EIP tracks 37 public exploits from researchers including sxyrxyy, onlytoxi, knight0x07.
AI-analyzed exploit summary: This repository contains a functional Python-based PoC exploit for CVE-2025-8088, a path traversal vulnerability in WinRAR ≤ 7.12. The exploit leverages alternate data streams (ADSes) and crafted RAR archives to place malicious files outside the intended extraction directory, potentially leading to arbitrary code execution.
Description
A path traversal vulnerability affecting the Windows version of WinRAR allows attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET.
Exploits (37)
This repository contains a functional Python-based PoC exploit for CVE-2025-8088, a path traversal vulnerability in WinRAR ≤ 7.12. The exploit leverages alternate data streams (ADSes) and crafted RAR archives to place malicious files outside the intended extraction directory, potentially leading to arbitrary code execution.
This repository contains a functional exploit tool for CVE-2025-8088, a WinRAR path traversal vulnerability. It leverages NTFS Alternate Data Streams (ADS) and RAR5 header manipulation to create malicious archives that can place payloads in arbitrary locations, such as the Windows startup folder.
This repository contains a functional PoC for CVE-2025-8088, a WinRAR vulnerability that drops a VBScript file in the Startup directory upon extraction, demonstrating arbitrary file write capabilities. The exploit triggers a message box upon system reboot, confirming successful exploitation.
This repository contains a functional Python exploit for CVE-2025-8088, a path traversal vulnerability in WinRAR. The exploit creates a malicious RAR archive that deploys a payload to the Windows startup folder using multiple relative path traversal depths.
The repository claims to exploit CVE-2025-8088 in WinRAR but contains deceptive code that executes unrelated malicious activity (mshta.exe fetching from an external domain). The README describes a plausible exploit mechanism but the actual code does not implement it.
This repository contains a functional GUI tool for exploiting CVE-2025-8088, a WinRAR path traversal vulnerability. It leverages NTFS Alternate Data Streams (ADS) and RAR5 header manipulation to create malicious archives that can place payloads in Windows startup directories.
This repository contains a functional PoC for CVE-2025-8088, a path traversal vulnerability in WinRAR. The script creates a malicious RAR archive that exploits the vulnerability to place files in arbitrary locations, such as the Startup folder. It also includes a safe extraction tool to audit and mitigate such vulnerabilities.
This repository contains a functional exploit for CVE-2025-8088, leveraging Alternate Data Streams (ADS) and path traversal in WinRAR archives to drop payloads into the victim's startup folder for persistence. The exploit is written in C++ and automates the creation of a malicious RAR archive that, when extracted, places the payload in a location where it executes on system startup.
This repository provides a detailed technical analysis of CVE-2025-8088, a path traversal vulnerability in WinRAR. It includes a proof-of-concept (PoC) for generating a malicious RAR file that exploits the vulnerability to place arbitrary files in sensitive directories, along with mitigation and detection guidance.
This repository contains a functional exploit for CVE-2025-8088, leveraging Alternate Data Streams (ADS) and path traversal in WinRAR archives to achieve arbitrary file placement in the victim's Startup folder, leading to code execution upon system reboot.
This repository contains a functional Rust-based exploit tool for CVE-2025-8088, targeting WinRAR's path traversal vulnerability. It leverages NTFS Alternate Data Streams (ADS) and RAR5 header manipulation to achieve arbitrary file write during archive extraction.
The repository contains a functional exploit for CVE-2025-8088, which leverages path traversal in RAR file processing to achieve arbitrary file write. The PoC generates a malicious RAR archive with crafted stream names and path traversal sequences to drop a payload in the Windows Startup folder.
This repository contains a functional proof-of-concept exploit for CVE-2025-8088, demonstrating how an Alternate Data Stream (ADS) payload can be embedded into a WinRAR RAR5 archive. The exploit leverages ADS to hide a payload within a decoy file, which is then extracted to a target directory (e.g., Startup folder) when the archive is processed.
The repository claims to demonstrate a path traversal vulnerability in WinRAR but lacks actual exploit code, focusing instead on a GUI tool with vague features like 'AES encryption' and 'payload obfuscation'. The README is overly polished with marketing language and no technical details about CVE-2025-8088.
This repository contains a functional PoC for CVE-2025-8088, a path traversal vulnerability in WinRAR ≤7.12. The exploit leverages NTFS Alternate Data Streams (ADS) to place files outside the intended extraction directory, achieving persistence by dropping payloads into the Startup folder.
This repository provides a technical overview and detection strategies for CVE-2025-8088, a path traversal vulnerability in WinRAR. It includes references to research and detection signatures but does not contain exploit code.
The repository claims to be a tool for CVE-2025-8088 but lacks actual exploit code, instead pushing external downloads via GitHub raw links. The README is vague and marketing-oriented, while the provided Python scripts contain generic networking code unrelated to the CVE.
This repository contains a PowerShell-based static analysis tool for detecting path traversal anomalies in RAR archives related to CVE-2025-8088. It does not exploit the vulnerability but scans for indicators of potential exploitation.
This repository contains a functional exploit for CVE-2025-8088, targeting WinRAR via a path traversal vulnerability in RAR file processing. The exploit creates a malicious RAR archive that leverages Alternate Data Streams (ADS) to achieve arbitrary file write, leading to potential remote code execution (RCE) when the archive is extracted.
This repository contains a PowerShell script that scans for the presence of WinRAR and checks if the installed version is vulnerable to CVE-2025-8088. It does not exploit the vulnerability but detects whether the system is affected.
This repository contains a functional Python-based PoC for CVE-2025-8088, exploiting a WinRAR path traversal vulnerability via Alternate Data Streams (ADS) to achieve arbitrary file write to the Windows Startup folder. The exploit creates a malicious RAR archive that, when extracted, writes a payload to the Startup folder for persistence.
This repository contains a functional Python-based proof-of-concept exploit for CVE-2025-8088, which leverages WinRAR's improper handling of Alternate Data Streams (ADS) and path traversal to write arbitrary files to the Windows Startup folder for persistence. The exploit creates a malicious RAR archive that, when extracted, places a payload in the Startup folder, achieving automatic execution on system boot.
This repository contains a functional exploit for CVE-2025-8088, a path traversal vulnerability in WinRAR ≤ 7.12. The exploit leverages Alternate Data Streams (ADS) and crafted RAR archives to achieve arbitrary file write, potentially leading to remote code execution.
Technical analysis of CVE-2025-8088, a path traversal vulnerability in WinRAR (v7.12 and prior) due to improper handling of NTFS Alternate Data Streams (ADS) in archive filenames, allowing arbitrary file writes to sensitive locations.
This repository contains a functional Python script that exploits CVE-2025-8088, a path traversal vulnerability in WinRAR versions prior to 7.13. The script creates a malicious RAR archive that, when extracted, places a payload in the user's Startup folder, leading to persistent execution.
This repository contains a functional proof-of-concept exploit for CVE-2025-8088, a path traversal vulnerability in WinRAR via NTFS Alternate Data Streams (ADS). The exploit generates a malicious RAR archive that, when extracted, writes arbitrary files to sensitive system locations, such as the Windows Startup folder.
This repository contains a functional Python-based PoC for CVE-2025-8088, a path traversal vulnerability in WinRAR ≤ 7.12. The exploit leverages alternate data streams (ADSes) and crafted RAR archives to place malicious files outside the intended extraction directory.
This repository contains a functional exploit tool for CVE-2025-8088, a WinRAR path traversal vulnerability. It leverages NTFS Alternate Data Streams (ADS) and RAR5 header manipulation to create malicious archives that can place payloads in arbitrary locations, such as the Windows startup folder.
This repository contains a functional exploit for CVE-2025-8088, a path traversal vulnerability in WinRAR. The exploit leverages NTFS Alternate Data Streams (ADS) and RAR5 header manipulation to create malicious archives that can place payloads in arbitrary locations, such as the Windows startup folder.
This repository contains a functional exploit generator for CVE-2025-8088, a WinRAR vulnerability that allows arbitrary code execution when a victim extracts a malicious RAR archive. The exploit creates a crafted RAR file embedding a payload that executes upon extraction.
This repository contains a functional exploit generator for CVE-2025-8088, a WinRAR vulnerability that allows arbitrary code execution when a victim extracts a malicious RAR archive. The exploit creates a crafted RAR file that leverages path traversal and ADS (Alternate Data Streams) to execute a payload.
This repository contains a functional exploit toolkit for CVE-2025-8088, a WinRAR path traversal vulnerability. It leverages NTFS Alternate Data Streams (ADS) and RAR5 header manipulation to create malicious archives that achieve arbitrary file write and persistence via the Windows Startup folder.
This repository contains a functional exploit for CVE-2025-8088, leveraging path traversal in RAR file processing to achieve arbitrary file write. The exploit generates a malicious RAR archive with crafted stream names and path traversal sequences to drop a payload in the Windows Startup folder.
This repository contains a functional exploit for CVE-2025-8088, a path traversal vulnerability in WinRAR versions 7.12 and below. The exploit leverages ADS (Alternate Data Streams) and manipulated RAR headers to write payloads to arbitrary locations, such as the Windows startup folder, achieving persistence.
The repository contains a functional PowerShell exploit for CVE-2025-8088, which deploys a stealthy LNK payload with registry persistence upon detecting a marker file. The exploit includes anti-analysis checks and obfuscation techniques to evade detection.
This repository contains a functional exploit for CVE-2025-8088, a path traversal vulnerability in WinRAR that allows arbitrary file write via crafted RAR archives. The PoC creates a malicious archive that leverages Alternate Data Streams (ADS) and multiple traversal depths to drop a payload into the Windows Startup folder.
References (7)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H