Litokollo tse nepahetseng tsa kabo ea OpenWrt li phatlalalitsoe и , eo ho eona e felisitsoeng (CVE-2020-7982) ho mookameli oa sephutheloana , e u lumellang ho etsa tlhaselo ea MITM le ho nkela litaba tsa sephutheloana se jarollotsoeng sebakeng sa polokelo. Ka lebaka la phoso ea khoutu ea netefatso ea cheke, mohlaseli a ka theha maemo ao tlas'a ona li-checksums tsa SHA-256 tse teng ho index ea pakete e saenneng ka dijithale li tla hlokomolohuoa, e leng se etsang hore ho khonehe ho feta mekhoa ea ho lekola botšepehi ba lisebelisoa tsa ipk tse jarollotsoeng.
Bothata esale bo hlaha ho tloha ka Hlakola 2017, kamora khoutu ea ho hlokomoloha libaka tse etellang pele pele ho cheke. Ka lebaka la phoso ha u tlola libaka, sesupo sa boemo bo moleng ha sea ka sa suthisoa 'me SHA-256 hexadecimal decoding loop hang-hang e ile ea khutlisa taolo mme ea khutlisa cheke ea bolelele ba zero.
Kaha mookameli oa sephutheloana sa opkg ho OpenWrt o qalisoa ka litokelo tsa motso, ha ho ka ba le tlhaselo ea MITM, mohlaseli a ka etsa liphetoho ka khutso ho sephutheloana sa ipk se jarollotsoeng sebakeng sa polokelo ha mosebelisi a ntse a etsa taelo ea "opkg install", mme a hlophisa ts'ebetsong ea khoutu ea hae ka litokelo tsa motso ka ho kenyelletsa mangolo a hau a ho sebetsana le sephutheloana, se bitsoang nakong ea ho kenya. Ho sebelisa monyetla oa ho ba kotsing, mohlaseli o tlameha ho hlophisa hore ho fetoloe index ea sephutheloana e nepahetseng le e saenneng (mohlala, e fanoeng ho tsoa ho downloads.openwrt.org). Boholo ba sephutheloana se fetotsoeng bo tlameha ho ts'oana le boholo ba mantlha bo hlalositsoeng ho index.
Boemong boo u hlokang ho bo etsa ntle le ho ntlafatsa firmware eohle, u ka ntlafatsa feela mookameli oa sephutheloana sa opkg ka ho sebelisa litaelo tse latelang:
cd / tmp
ntlafatso ea opkg
opkg jarolla opkg
zcat ./opkg-lists/openwrt_base | grep -A10 "Package: opkg" | grep SHA256sum
sha256sum ./opkg_2020-01-25-c09fe209-1_*.ipk
E latelang, bapisa li-checksums tse bontšitsoeng 'me haeba li lumellana, etsa:
opkg install ./opkg_2020-01-25-c09fe209-1_*.ipk
Liphetolelo tse ncha li boetse li felisa e 'ngoe hape ka laeboraring , e ka lebisang ho buffer ho tlala ha e sebetsoa ts'ebetsong data e hlophisitsoeng ka ho khetheha ea serialized binary kapa JSON. Laeborari e sebelisoa likarolong tse kang netifd, procd, ubus, rpcd le uhttpd, hammoho le sephutheloana. (O kene ho sysUpgrade CLI). Tšireletseho ea buffer e etsahala ha litšobotsi tse kholo tsa linomoro tsa mofuta oa "habeli" li fetisoa ka li-blob blocks. O ka hlahloba ho ba kotsing ea sistimi ea hau ho bofokoli ka ho sebelisa taelo:
$ubus letsetsa luci getFeatures\
'{"banik": 00192200197600198000198100200400.1922 }'
Ntle le ho tlosa bofokoli le ho lokisa liphoso tse bokelletsoeng, tokollo ea OpenWrt 19.07.1 e boetse e nchafalitse mofuta oa Linux kernel (ho tloha ho 4.14.162 ho isa ho 4.14.167), e rarollotse mathata a ts'ebetso ha ho sebelisoa maqhubu a 5GHz, le tšehetso e ntlafalitsoeng ea Ubiquiti Rocket M. Titanium, lisebelisoa tsa Netgear WN2500RP v1,
Zyxel NSA325, Netgear WNR3500 V2, Archer C6 v2, Ubiquiti EdgeRouter-X, Archer C20 v4, Archer C50 v4 Archer MR200, TL-WA801ND v5, HiWiFi HC5962, Xiaomi Mi Router 3 Pro le 6350 Nedgear.
Source: opennet.ru