Tavis Ormandy, a security researcher at Google, is developing the LoadLibrary project, which aims to make Windows DLL libraries usable from Linux applications. The project provides a layer library that can load a PE/COFF DLL file and call the functions defined in it. The PE/COFF loader builds on existing code. The project's code is licensed under the GPLv2.
LoadLibrary takes care of loading the library into memory and importing the symbols it contains, giving applications a Linux-style dlopen API. The linked code can be debugged with gdb, ASAN and Valgrind. The code can be adjusted at run time through hooks and run-time patching. Custom exception handling and unwinding for C++ are supported.
The goal of the project is to make affordable and effective fuzz testing of DLL libraries possible in a Linux-based environment. On Windows, running fuzzing and coverage testing does not achieve the required performance and often requires launching a separate virtual Windows instance, especially when trying to analyse complex products such as antivirus software, which include both kernel and user-space components. Using LoadLibrary, Google researchers look for vulnerabilities in video codecs, antivirus engines, data decompression libraries, ...
For example, using LoadLibrary it is possible to port the Windows Defender antivirus engine to run on Linux. Analysing mpengine.dll, the core of Windows Defender, has made it possible to study a large number of different format handlers, file system emulators and language interpreters that could serve as vectors.
LoadLibrary has also been used to find issues in the Avast antivirus package. When analysing a DLL from this antivirus, it turned out that the privileged scanning process includes a full JavaScript interpreter used to emulate the execution of third-party JavaScript code. This process is not isolated in a sandbox, does not drop privileges, and parses untrusted external data from the file system and from intercepted network traffic. Since any vulnerability in this complex, unprotected process could compromise the whole system, a special harness based on LoadLibrary was created to search for vulnerabilities in the Avast antivirus scanner in a Linux-based environment.
source: budenet.ru
