Advanced WinRAR Path Traversal Exploit Tool
A sophisticated GUI tool for creating malicious RAR archives that exploit the WinRAR path traversal vulnerability (CVE-2025-8088) using ADS and RAR5 header manipulation.
- ADS Exploitation - NTFS Alternate Data Streams for payload hiding
- RAR5 Header Manipulation - Direct header patching for path injection
- GUI Interface - Clean, modern user interface
- Startup Targeting - Automatic payload placement in Windows startup
- Custom Decoy Support - Use your own decoy files or default
- Python 3.6+
- WinRAR CLI
- customtkinter
# Install dependencies
pip install -r requirements.txt
# Run the tool
python gui.py- Select Payload - Choose your executable file (.exe, .bat, etc.)
- Choose Decoy - Select a decoy file or leave empty for default
- Name Archive - Enter output RAR filename
- Build - Generate the exploit archive
The tool creates RAR archives with path traversal using:
- ADS Creation - Hides payload in NTFS alternate data streams
- RAR Building - Creates base RAR with ADS using WinRAR CLI
- Header Patching - Injects traversal path into RAR5 headers
- CRC Recalculation - Ensures archive integrity
- Output - Delivers malicious RAR ready for extraction
Path Example: ..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\payload.exe
This tool is for educational and authorized testing purposes only. Use only in controlled environments with proper consent.
Made by @tcixt on Telegram
Advanced red team tool for CVE-2025-8088 exploitation
