This Metasploit module exploits a vulnerability in WinRAR 6.22 (CVE-2023-38831). When a user opens a crafted RAR file and its embedded document, the decoy document is executed, leading to code execution.
It is not pretty, but works. 🤷🏻
Alexander Hagenah @xaitax