Posted by Rio Sherri on Oct 05

#!/usr/bin/python -w

# Title : WinRar Settings Import Command Execution

# Date : 02/10/2015

# Author : R-73eN

# Tested on : Windows 7 Ultimate

# Vulnerable Versions : Winrar < 5.30 beta 4

# The vulnerability exists in the “Import Settings From File” function.

# Since Settings file of Winrar are saved as a registry file and WinRar
executes

# it in an automatic way without checking if it is writing to the Registry
keys

# used…