RarLab answer: http://www.rarlab.com/vuln_sfx_html.htm
I don't think the work is useless... You probably learnt a lot writing this
guide and PoC code, but in fact an EXE can be manipulated in many ways to
run smaller pieces of code. There is no need to find a bug to do that. ;)
Att,
Fernando Me
"Shawn McMahon" sybergh...@gmail.com wrote:
> On Mon, Oct 5, 2015 at 8:16 AM, Stefan Kanthak
> wrote:
>
>>
>> That's why giving unsuspecting users *.EXE to install a software package
>> or to unpack an archive and thus training them to run almost anything
>> they get their hands on is a BLOODY S
On Mon, Oct 5, 2015 at 8:16 AM, Stefan Kanthak
wrote:
>
> That's why giving unsuspecting users *.EXE to install a software package
> or to unpack an archive and thus training them to run almost anything
> they get their hands on is a BLOODY STUPID idea in the first place.
>
> ALWAYS use the platf
"Gynvael Coldwind" wrote:
> Correct me if I'm wrong, but the vulnerability can be summarized as: if you
> run an untrusted .exe you might execute malicious code?
Amen!
> I hardly see this as giving anything new to the attacker who can just
> create a malicious exe file, set the winrar sfx icon
In fact, a SXF file type can only try to access a specific URL
(server's attacker). Then the attacker exploits a
Microsoft's vulnerability (ms14-064).
The WinRAR file doesn't allow RCE by itself.
--
Hernán Möller
http://nivel4.com
2015-09-28 5:39 GMT-03:00 Gynvael Coldwind :
> Correct me if I
Correct me if I'm wrong, but the vulnerability can be summarized as: if you
run an untrusted .exe you might execute malicious code?
I hardly see this as giving anything new to the attacker who can just
create a malicious exe file, set the winrar sfx icon and send it to the
victim.
Keep in mind th
Document Title:
===
WinRAR SFX v5.21 - Remote Code Execution Vulnerability
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1608
Video: https://www.youtube.com/watch?v=fo0l0oT4468
Release Date:
=
2015-09-28
Vulnerability La