LoadLibrary, a layer for loading Windows DLLs into Linux applications

Tavis Ormandy, a security researcher at Google, is developing the LoadLibrary project, which aims to port DLLs built for Windows so that they can be used on Linux. The project provides a shim library with which you can load a DLL file in PE/COFF format and call the functions defined in it. The PE/COFF loader is based on ndiswrapper code. The project code is distributed under the GPLv2 license.

LoadLibrary takes care of loading the library into memory and importing the existing symbols, providing the Linux application with a low-level API. The loaded code can be debugged with gdb, ASAN and Valgrind. Executable code can be modified at run time by attaching hooks and applying patches (runtime patching). Exception handling and unwinding for C++ are supported.
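Before a PE/COFF loader can map a DLL into memory, it has to walk the file's headers, and every offset in them comes from the file itself. The following is an added example, not code from the LoadLibrary project: it shows that header walk with bounds checks, and the names pe_info, pe_parse_headers and make_sample, as well as the sample image, are constructed for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Summary of the headers; struct and function names are this example's own. */
struct pe_info { uint16_t machine, nsections, opt_magic; int is_dll; };

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }

/* Walk DOS header -> PE signature -> COFF header -> section table.
   Returns 0 if consistent with len, negative otherwise; offsets are checked before use. */
int pe_parse_headers(const uint8_t *buf, size_t len, struct pe_info *out)
{
    if (len < 64 || rd16(buf) != 0x5a4d) return -1;            /* "MZ" */
    uint32_t e_lfanew = rd32(buf + 0x3c);                      /* offset of "PE\0\0" */
    if (e_lfanew > len || len - e_lfanew < 4 + 20 + 2) return -2;
    if (memcmp(buf + e_lfanew, "PE\0\0", 4) != 0) return -3;
    const uint8_t *coff = buf + e_lfanew + 4;
    uint16_t opt_size = rd16(coff + 16);                       /* SizeOfOptionalHeader */
    out->machine   = rd16(coff);
    out->nsections = rd16(coff + 2);
    out->is_dll    = (rd16(coff + 18) & 0x2000) != 0;          /* IMAGE_FILE_DLL */
    out->opt_magic = rd16(coff + 20);                          /* 0x10b PE32, 0x20b PE32+ */
    if (opt_size < 2 || (out->opt_magic != 0x10b && out->opt_magic != 0x20b)) return -4;
    size_t sect_off = (size_t)e_lfanew + 24 + opt_size;        /* 40-byte entries */
    if (sect_off > len || (len - sect_off) / 40 < out->nsections) return -5;
    return 0;
}

/* Constructed sample: a 352-byte, header-only i386 DLL image (not a real file). */
size_t make_sample(uint8_t *buf)
{
    memset(buf, 0, 352);
    memcpy(buf, "MZ", 2); buf[0x3c] = 0x40;   /* e_lfanew = 0x40 */
    memcpy(buf + 0x40, "PE\0\0", 4);
    wr16(buf + 0x44, 0x014c);        /* Machine: i386 */
    wr16(buf + 0x46, 1);             /* NumberOfSections */
    wr16(buf + 0x54, 0x00e0);        /* SizeOfOptionalHeader */
    wr16(buf + 0x56, 0x2102);        /* Characteristics incl. IMAGE_FILE_DLL */
    wr16(buf + 0x58, 0x010b);        /* optional header magic: PE32 */
    return 352;
}

int main(void) { uint8_t img[352]; struct pe_info pi; return pe_parse_headers(img, make_sample(img), &pi); }
```

A truncated file or a section count that does not fit in the file is rejected here, before any mapping or symbol resolution would begin.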

The goal of the project is to enable simple and efficient distributed fuzz testing of DLL libraries in a Linux-based environment. On Windows, fuzzing and coverage measurement are not very efficient and often require running a separate instance of Windows, especially when trying to analyze complex products such as antivirus software that spans the kernel and user space. Using LoadLibrary, Google researchers are looking for vulnerabilities in video codecs, virus scanners, data compression libraries, image decoders, and more.

For example, with the help of LoadLibrary it was possible to get the Windows Defender antivirus engine running on Linux. Studying mpengine.dll, which forms the basis of Windows Defender, made it possible to analyze a large number of sophisticated handlers for various formats, file system emulators and language interpreters that could provide vectors for possible attacks.

LoadLibrary was also used to identify a remote vulnerability in the Avast antivirus package. Studying the DLL from this antivirus revealed that the main scanning process includes a full JavaScript interpreter used to emulate the execution of JavaScript code. This process is not isolated in a sandbox, does not drop privileges, and parses unverified external data from the file system and network connections. Since any vulnerability in this complex and unprotected process could lead to the compromise of the entire system, a special shell, avscript, was built on top of LoadLibrary to analyze vulnerabilities in the Avast antivirus scanner in a Linux-based environment.

Source: opennet.ru
