LoadLibrary, a layer for loading Windows DLLs into Linux applications

Tavis Ormandy, a security researcher at Google, is developing the LoadLibrary project, which aims to port DLLs compiled for Windows for use in Linux applications. The project provides a layer library with which you can load a DLL file in PE/COFF format and call the functions defined in it. The PE/COFF loader is based on the ndiswrapper code. The project code is distributed under the GPLv2 license.

LoadLibrary takes care of loading the library into memory and importing existing symbols, providing the Linux application with a dlopen-style API. The plugged-in code can be debugged using gdb, ASAN and Valgrind. The executable code can be modified at run time by attaching hooks and applying patches (runtime patching). Exception handling and unwinding for C++ are supported.

The goal of the project is to set up scalable and efficient distributed fuzzing of DLL libraries in a Linux environment. On Windows, fuzzing and evaluation are not very efficient and often require running a separate virtualized instance of Windows, especially when trying to analyze complex products such as antivirus software that span the kernel and user space. Using LoadLibrary, Google researchers are searching for vulnerabilities in video codecs, virus scanners, data decompression libraries, image decoders, and so on.

For example, with the help of LoadLibrary it was possible to port the Windows Defender antivirus engine to run on Linux. The study of mpengine.dll, which forms the basis of Windows Defender, made it possible to analyze a large number of complex handlers for various formats, file system emulators and language interpreters that potentially provide vectors for possible attacks.

LoadLibrary was also used to identify a remote vulnerability in the Avast antivirus package. While studying the DLL from this antivirus, it was found that the key scanning process includes a full JavaScript interpreter used to emulate the execution of third-party JavaScript code. This process is not isolated in a sandbox environment, does not drop privileges, and analyzes unverified data from the file system and intercepted network traffic. Since any vulnerability in this complex and unprotected process could lead to remote compromise of the entire system, a special shell, avscript, was developed on top of LoadLibrary to analyze vulnerabilities in the Avast antivirus scanner in a Linux-based environment.

Source: opennet.ru
