Eli nqaku yinxalenye yothotho lweFayileless Malware. Zonke ezinye iindawo zolu thotho:
I-Adventures ye-Elusive Malware, iCandelo I I-Adventures ye-Elusive Malware, iCandelo II: Imibhalo ye-VBA eyimfihlo I-Adventures ye-Elusive Malware, iCandelo le-III: Ii-scripts ze-VBA eziTangled zokuhleka kunye neNzuzo I-Adventures ye-Elusive Malware, iSigaba IV: iDDE kunye neWord Document Fields I-Adventures ye-Elusive Malware, iCandelo V: Nangakumbi i-DDE kunye ne-COM Scriptlets (silapha)
Kolu ngcelele lwamanqaku, siphonononga iindlela zokuhlasela ezifuna umgudu omncinci kwicala labahlaseli. Mandulo
Ulungiso longeza ungeniso lobhaliso oluvalayo Imisebenzi ye-DDE kwiLizwi. Ukuba usafuna olu sebenziso, ngoko ungabuyisela olu khetho ngokwenza i DDE ubunakho obudala.
Nangona kunjalo, isiqwenga sokuqala sigubungela kuphela iMicrosoft Word. Ngaba obu buthathaka be-DDE bukhona kwezinye iimveliso zeOfisi ka-Microsoft ezinokuthi zisetyenziswe kuhlaselo lwe-no-code? Ewe okuqinisekile. Umzekelo, unokuzifumana nakwi-Excel.
Ubusuku be-DDE ephilayo
Ndiyakhumbula ukuba ixesha lokugqibela ndayeka kwinkcazo ye-COM scriptlets. Ndiyathembisa ukuba ndiza kufika kubo kamva kweli nqaku.
Okwangoku, makhe sijonge kwelinye icala elibi le-DDE kuguqulelo lwe-Excel. Kanye njengeLizwi, abanye iimpawu ezifihlakeleyo zeDDE kwi-Excel ikuvumela ukuba wenze ikhowudi ngaphandle komzamo omkhulu. Njengomsebenzisi weLizwi oye wakhula, ndandiqhelene namasimi, kodwa kungekhona konke malunga nemisebenzi kwi-DDE.
Ndiye ndamangaliswa kukufunda ukuba kwi-Excel ndinokubiza iqokobhe kwiseli njengoko kubonisiwe ngezantsi:
Ubusazi na ukuba oku kunokwenzeka? Ngokomntu, andikwenzi
Oku kukwazi ukuphehlelela iqokobhe le-Windows kungenxa ye-DDE. Unokucinga ngezinye izinto ezininzi
Ii-aplikeshini onokuqhagamshela kuzo usebenzisa i-Excel eyakhelwe-ngaphakathi imisebenzi ye-DDE.
Ngaba nawe ucinga ngale nto ndiyicingayo?
Vumela umyalelo wethu ongaphakathi kwiseli uqale iseshoni yePowerShell ethi emva koko ikhuphele kwaye iphumeze ikhonkco - oku
Cofa nje i-PowerShell encinci ukuze ulayishe kwaye usebenzise ikhowudi ekude kwi-Excel
Kodwa kukho ukubamba: kufuneka ufake ngokucacileyo le datha kwiseli ukuze le fomula isebenze kwi-Excel. Ingaba ihacker ingawuphumeza njani lo myalelo weDDE ukude? Inyani kukuba xa itheyibhile ye-Excel ivuliwe, i-Excel iya kuzama ukuhlaziya zonke iikhonkco kwi-DDE. Iisetingi zeZiko leTrasti kudala zikwazi ukuvala oku okanye ukulumkisa xa uhlaziywa amakhonkco kwimithombo yedatha yangaphandle.
Nokuba ngaphandle kweziqendu zamva nje, unokukhubaza uhlaziyo lwekhonkco oluzenzekelayo kwi-DDE
IMicrosoft ngokwayo
Kulungile, kuthekani ngezigodo zesiganeko?
U-Microsoft nangona kunjalo uyishiyile i-DDE ye-MS Word kunye ne-Excel, ngoko ke ekugqibeleni iqonde ukuba i-DDE ifana ne-bug kunokusebenza. Ukuba ngesizathu esithile awukafaki ezi ziqwenga, usenako ukunciphisa umngcipheko wokuhlaselwa kwe-DDE ngokukhubaza uhlaziyo lwekhonkco oluzenzekelayo kunye nokuvumela izicwangciso ezenza abasebenzisi bahlaziye amakhonkco xa bevula amaxwebhu kunye ne-spreadsheets.
Ngoku umbuzo wesigidi seedola: Ukuba ulixhoba lolu hlaselo, ngaba iiseshini ze-PowerShell eziqaliswe ukusuka kumhlaba weLizwi okanye iiseli ze-Excel ziya kuvela kwilog?
Umbuzo: Ngaba iiseshoni ze-PowerShell ziqaliswe nge-DDE efakiweyo? Impendulo: ewe
Xa uqhuba iiseshoni zePowerShell ngokuthe ngqo kwiseli ye-Excel kunokuba njenge-macro, iWindows iya kungena ezi ziganeko (jonga ngasentla). Kwangaxeshanye, andinakubanga ukuba kuya kuba lula kwiqela lokhuseleko emva koko lidibanise onke amachaphaza phakathi kweseshoni yePowerShell, uxwebhu lwe-Excel kunye nomyalezo we-imeyile kwaye uqonde apho uhlaselo luqale khona. Ndiza kubuyela kule nto kwinqaku lokugqibela kuthotho lwam olungapheliyo kwi-malware enzima.
Injani iCOM yethu?
Ngaphambili
Kwavela ukuba umntu ulumke kakhulu
Boom! Enye indlela efihlakeleyo, ethuleyo yokumisela iqokobhe usebenzisa imibhalo ye-COM
Emva kokuhlolwa kwekhowudi ephantsi, umphandi wafumanisa ukuba yintoni ngokwenene impazamo kwisoftware yephakheji. Yayingenzelwanga ukuqhuba imibhalo yescript ye-COM, kodwa ukudibanisa kuphela iifayile. Andiqinisekanga ukuba sele kukho isiqwengana sobu sesichengeni. Kwisifundo sam ndisebenzisa indawo yokusebenzela yeAmazon eneOfisi ka-2010 efakwe ngaphambili, ndiye ndakwazi ukuphinda iziphumo. Noko ke, xa ndaphinda ndazama kamva, ayizange isebenze.
Ndiyathemba ukuba ndikuxelele izinto ezininzi ezinomdla kwaye kwangaxeshanye ndibonise ukuba abahlaseli banokungena kwinkampani yakho ngenye indlela. Nokuba ufaka zonke iipetshi zeMicrosoft zakutsha nje, abahlaseli basenezixhobo ezininzi zokufumana unyawo kwinkqubo yakho, ukusuka kwi-VBA macros ndiqale olu ngcelele ukuya kumthwalo okhohlakeleyo kwiLizwi okanye kwi-Excel.
Kwinqaku lokugqibela (ndiyathembisa) kule saga, ndiza kuthetha malunga nendlela yokubonelela ngokhuseleko oluhlakaniphile.
umthombo: www.habr.com