ProHoster > Блог > Gudanarwa > Mai satar kalmar sirri a cikin software na riga-kafi na riga-kafi na Avira

Mai satar kalmar sirri a cikin software na riga-kafi na riga-kafi na Avira

Idan na gaya muku cewa aikin ɗaya daga cikin abubuwan software na riga-kafi wanda ke da amintaccen sa hannu na dijital shine tattara duk takaddun shaidarku da aka adana a cikin shahararrun mashahuran Intanet? Idan na ce ba ruwansa da wanda abin ya shafa ya tattara su fa? Wataƙila za ku yi tunanin ni mai ruɗi ne. Bari mu ga yadda yake da gaske?

Fahimta

Rayuwa da rayuwa irin wannan kamfani riga-kafi kamar Abubuwan da aka bayar na Avira GmbH & Co., Ltd. KG. Yana samar da kayayyaki daban-daban masu alaƙa da tsaro na bayanai. Akwai ma samfuran kyauta don amfanin gida.

Bari mu sami sha'awar sigar kyauta kuma mu ga abin da samfuran abokan aikinmu na Jamus za su iya yi. Mu duba kan dubawa - babu wani sabon abu. Ba mu sami wani ambaton wani samfurin kamfanin ba - Avira Password Manager.

Mu kalli bangaren da sunan da bai ja hankali ba”Avira.PWM.NativeMessaging.exe"? An haɗa shi don dandalin NET kuma ba a ɓoye shi ta kowace hanya, don haka muna loda shi cikin dnSpy kuma muna nazarin lambar shirin kyauta.

Shirin shirin na'ura ne kuma yana tsammanin umarni a daidaitaccen rafi na shigarwa. Babban aiki ta amfani da"karanta"yana karanta bayanai daga rafi, duba tsarin kuma ya wuce umarnin zuwa aikin"Saƙon Tsari" Hakanan, bi da bi, yana bincika cewa umarnin da aka watsa shine "daukoChromePasswords"ko"debo Takaddun shaida"(ko da yake menene bambanci yake yi idan ƙarin hali ya kasance iri ɗaya?) Sa'an nan kuma mafi ban sha'awa ya fara - kiran aikin "Mai da BrowserCredentials" Har ma yana da ban sha'awa ... menene aikin da wannan sunan zai iya yi?

Mai satar kalmar sirri a cikin software na riga-kafi na riga-kafi na Avira

Babu wani sabon abu, kawai yana tattarawa cikin jeri ɗaya duk asusun mai amfani da aka adana lokacin aiki tare da masu binciken Intanet “Chrome”, “Opera” (dangane da Chromium), “Firefox” da “Edge” (dangane da Chromium) kuma yana dawo da bayanan azaman JSON abu.

Mai satar kalmar sirri a cikin software na riga-kafi na riga-kafi na Avira

Da kyau, sannan yana nuna bayanan da aka tattara zuwa na'ura mai kwakwalwa:

Mai satar kalmar sirri a cikin software na riga-kafi na riga-kafi na Avira

Asalin matsalar

  • Sashin yana tattara bayanan mai amfani;
  • Sashin baya tabbatar da shirin kira (misali, ta ko yana da sa hannun dijital daga masana'anta da kanta);
  • Sashin yana da sa hannu na dijital "amintaccen" kuma baya haifar da tuhuma tsakanin sauran masana'antun software na rigakafin ƙwayoyin cuta;
  • Sashin yana gudana azaman aikace-aikacen daban.

IoC

SHA1: 13c95241e671b98342dba51741fd02621768ecd5.

An fitar da CVE-2020-12680 don wannan fitowar.

A ranar 07.04.2020/XNUMX/XNUMX na aika da wasiƙa game da wannan matsalar zuwa: [email kariya] и [email kariya] tare da cikakken bayanin. Babu haruffan amsawa, gami da na tsarin atomatik. Bayan wata daya, ana rarraba bangaren da aka siffanta a cikin Avira Free Antivirus rarraba.

source: www.habr.com

Add a comment