Imwe nzira nyowani yakawanikwa yekushandisa kushomeka muSQLite

Dambudziko reSQLite

ari Check Point vaongorori vachangobva kuburitsa kumusangano weDEF uine ruzivo yehunyanzvi nyowani yakawanikwa, ichi chinoshandiswa pKurwisa zvishandiso zvinoshandisa zvinyowani shanduro zveSQLite.

Nzira yacho Check Point inoona mafaira e database semukana wekubatanidza njodzi dzekushandisa zvisizvo mune dzakasiyana dzemukati SQLite subsystems ayo asinga svikirwe nekushandiswa kwehuma. Vatsvakurudzi vakagadzirawo hunyanzvi hwekushandisa kusagadzikana nekutora coding muchimiro chetambo yeSELECT queries mune SQLite database, iyo inobvumira ASLR kudzivirirwa.

Nezve kusagadzikana

The Check Point vaongorori vanotsanangura izvozvo yekurwisa kwakabudirira, anorwisa anofanira kunge achigona kushandura mafaira e database ezvibodzwa zvakarwiswa, iyo inoganhurira nzira yekurwisa mashandisiro ayo anoshandisa SQLite dhatabhesi semafomati ekufambisa uye data rekuisa

Kunyange ivo zvakare vanozivisa kuti nzira yacho inogona zvakare kushandiswa kuwedzera yemunharaunda kuwana yatowanikwa, semuenzaniso, kusanganisa yakavanzwa mikova yekumashure mumaapplication akashandiswa, pamwe nekudzivirira vezvekuchengeteka kana vachiongorora malware.

Iko kushanda mushure mekuteedzera kwefaira kunoitwa panguva iyo iko kunyorera kwekutanga KUSVIRA chikumbiro kutafura mune yakashandurwa dhatabhesi.

Semuenzaniso, kugona kumhanyisa kodhi pane iOS paunenge uchivhura bhuku rekero kwakaratidzirwa, iyo faira ine dhatabhesi «AddressBook.sqlitedb»Ndeipi yakagadziriswa uchishandisa nzira yakatsanangurwa.

Zvekurwisa, kusagadzikana kwakashandiswa mune fts3_tokenizer basa (CVE-2019-8602, iko kugona kutarisa pointer), yakagadziriswa muna Kubvumbi SQLite 2.28 kugadzirisa, pamwe nekumwe kushushikana mukuitwa kwemawindo mabasa.

Uyewo, inoratidza kushandiswa kwenzira yekutora kure kudzora kwe backend server kubva kune vanorwisa akanyorwa muPHP, iyo inounganidza mapassword akabatwa panguva yekushanda kwecode code (iwo mapassword akabatwa akaendeswa nenzira yeSQLite dhatabhesi).

Iyo nzira yekurwisa yakavakirwa pakushandiswa kwemaitiro maviri, Query Kubvuta uye Query Yakatemerwa Chirongwa, iyo inobvumidza zvinomomomoka matambudziko anotungamira mukufunga huori mune iyo SQLite injini kuti ishandiswe.

Iko kukosha kwe "Kubvunza kubvunza" ndiko kutsiva zvemukati me "sql" munda mune sqlite_master sevhisi tafura inotsanangura chimiro che database. Iyo yakadomwa munda ine iyo DDL (Data Dudziro Mutauro) bhuroka rinoshandiswa kutsanangura chimiro chezvinhu zviri mudhatabhesi.

Tsananguro inoiswa uchishandisa yakajairwa SQL syntax, kureva. Iyo "GADZIRA TABLE" inovaka, inoitwa panguva yekutanga kwedhatabhesi (panguva yekutanga kuitiswa kwe sqlite3LocateTable function) inoshandiswa kugadzira zvimiro zvemukati zvine chekuita netafura mundangariro.

Pfungwa ndeyekuti semhedzisiro yekutsiva "GADZIRA TABLE" uye "GADZIRA ZVINOONA, zvinokwanisika kudzora chero kuwanikwa kune dhatabhesi kuburikidza netsananguro yekuona kwayo

Kune rimwe divi, uchishandisa iyo "GADZIRA ZVINOONA" kuraira, "Sarudza" mashandiro akaiswa patafura, inozodaidzwa pachinzvimbo che "GADZIRA TABLE" uye inobvumira murwisi kuwana zvikamu zvakasiyana zvemuturikiri weSQLite.

Kunze kweizvi, nzira iri nyore yekurwisa ingave yekudaidza iyo "load_extension" basa, iro rinotendera anorwisa kuti akwanise kurodha raibhurari yekumanikidza pamwe nekuwedzera, asi basa iri rakaremara nekutadza.

Kuita kurwisa pasi pemamiriro ekugona kuita SELECT oparesheni, iyo-yakatarisana nemubvunzo chirongwa chakatemwa, icho chinobvumidza kushandisa matambudziko muSQLite inotungamira mukufunga kwehuori.

Maitiro aya anoyeuchidza nezve Kudzoka Kwakatenderedzwa Programming (ROP), asi inoshandisa zvisipo zvemakina kodhi, asi inoiswa mune yakasetwa mukati meSELECT kuvaka tambo yekufona ("gadget").

mabviro: https://threatpost.com/


Izvo zviri muchinyorwa zvinoomerera pamisimboti yedu ye tsika dzekunyora. Kuti utaure chikanganiso tinya pano.

Iva wekutanga kutaura

Siya yako yekutaura

Your kero e havazobvumirwi ichibudiswa. Raida minda anozivikanwa ne *

*

*

  1. Inotarisira data: AB Internet Networks 2008 SL
  2. Chinangwa cheiyo data: Kudzora SPAM, manejimendi manejimendi.
  3. Legitimation: Kubvuma kwako
  4. Kutaurirana kwedata
  5. Dhata yekuchengetedza: Dhatabhesi inobatwa neOccentus Networks (EU)
  6. Kodzero: Panguva ipi neipi iwe unogona kudzora, kupora uye kudzima ruzivo rwako