Pwnie Awards 2019: The Most Significant Vulnerabilities and Failures in Security

At the Black Hat USA conference in Las Vegas, the Pwnie Awards 2019 ceremony took place, highlighting the most significant vulnerabilities and the most absurd failures in the field of computer security. The Pwnie Awards are regarded as the computer-security equivalent of the Oscars and the Golden Raspberries and have been held annually since 2007.

Main winners and nominations:

  • Best Server Bug. Awarded for identifying and exploiting the most technically complex and interesting bug in a network service. The winners were the researchers who discovered a vulnerability in the VPN vendor Pulse Secure, whose VPN service is used by Twitter, Uber, Microsoft, sla, SpaceX, Akamai, Intel, IBM, VMware, the US Navy, the US Department of Homeland Security (DHS) and probably half of the companies on the Fortune 500 list. The researchers found a backdoor that allows an unauthenticated attacker to change the password of any user. Exploitation of the problem to obtain root access on a VPN server with only the HTTPS port exposed was demonstrated.

    Among the candidates that did not receive the award, the following are worth noting:

    • A pre-authentication vulnerability in the Jenkins continuous integration system that allows code execution on the server. The vulnerability is being actively exploited by bots to set up cryptocurrency mining on servers;
    • A critical vulnerability in the Exim mail server that allows code execution on the server with root privileges;
    • Vulnerabilities in Xiongmai XMeye P2P IP cameras that allow taking control of the device. The cameras shipped with an engineering password and did not verify digital signatures when updating the firmware;
    • A critical vulnerability in the RDP protocol implementation in Windows that allows remote code execution;
    • A vulnerability in WordPress related to uploading PHP code disguised as an image. The problem allows executing arbitrary code on the server while holding Author privileges on the site.
  • Best Client-Side Bug. The winner was an easily exploitable vulnerability in Apple's FaceTime group calling system that allowed the initiator of a group call to force the call to be accepted on the called party's side (for example, for eavesdropping and spying).

    Other nominees for the award were:

    • A vulnerability in WhatsApp that allows executing arbitrary code by placing a specially crafted voice call;
    • A vulnerability in the Skia graphics library used in the Chrome browser that can lead to memory corruption due to floating-point errors in some geometric transformations.
  • Best Privilege Escalation Bug. The award went to the discovery of a vulnerability in the iOS kernel that can be exploited via ipc_voucher and is reachable through the Safari browser.

    Other nominees for the award were:

    • A vulnerability in Windows that allows obtaining full control of the system through manipulation of the CreateWindowEx function (win32k.sys). The problem was identified during analysis of malware that exploited the vulnerability before it was fixed;
    • A vulnerability in runc and LXC, affecting Docker and other container isolation systems, that allows an attacker-controlled container to overwrite the runc executable and obtain root privileges on the host system;
    • A vulnerability in iOS (CFPrefsDaemon) that allows bypassing isolation mechanisms and executing code with root privileges;
    • A vulnerability in the edition of the Linux TCP stack used in Android that allows a local user to elevate their privileges on the device;
    • A vulnerability in systemd-journald that allows obtaining root privileges;
    • A vulnerability in the tmpreaper utility for cleaning /tmp that allows writing one's own file to any part of the file system.
  • Best Cryptographic Attack. Awarded for identifying the most significant flaws in real systems, protocols and encryption algorithms. The award went to the discovery of vulnerabilities in the WPA3 wireless network security technology and in EAP-pwd that allow recovering the connection password and gaining access to the wireless network without knowing the password.

    Other contenders for this award were:

    • A method of attacking PGP and S/MIME encryption in email clients;
    • Application of the cold boot method to gain access to the contents of encrypted Bitlocker partitions;
    • A vulnerability in OpenSSL that allows distinguishing the case of receiving incorrect padding from the case of an incorrect MAC. The problem is caused by incorrect handling of zero bytes in the padding oracle;
    • Problems with the identity cards used in Germany that use SAML;
    • A problem with the entropy of random numbers in the implementation of U2F token support in ChromeOS;
    • A vulnerability in Monocypher due to which null EdDSA signatures were recognized as valid.
  • Most Innovative Research. The award went to the developer of the Vectorized Emulation technique, which uses AVX-512 vector instructions to emulate program execution, allowing a significant increase in fuzzing speed (up to 40-120 billion instructions per second). The technique allows each CPU core to run 8 64-bit or 16 32-bit virtual machines in parallel with instructions for fuzzing the application.

    The following were also nominated for the award:

    • A vulnerability in the Power Query technology of MS Excel that allows code execution and bypassing application isolation methods when opening specially crafted spreadsheets;
    • A method of deceiving the autopilot of Tesla cars to provoke driving into the oncoming lane;
    • Reverse engineering work on the ASICS chip of the Siemens S7-1200;
    • SonarSnoop - a technique for tracking finger movements to determine the phone unlock code, based on the sonar principle: the top and bottom speakers of the smartphone generate inaudible vibrations, and the built-in microphones pick them up to analyze the presence of vibrations reflected from the hand;
    • Development of the NSA's Ghidra reverse engineering toolkit;
    • SAFE - a technique for determining the use of code for identical functions in several executable files based on analysis of binary assemblies;
    • Creation of a method to bypass the Intel Boot Guard mechanism in order to load modified UEFI firmware without digital signature verification.
  • Lamest Vendor Response. A nomination for the most inadequate response to a report of a vulnerability in one's own product. The winners were the developers of the BitFi crypto wallet, who shouted about the super-security of their product, which turned out to be imaginary, harassed the researchers who identified the vulnerabilities, and did not pay the promised bounties for identifying problems.

    Among the contenders for the award were also:

    • A security researcher accused an Atrient executive of assaulting him to force him to withdraw a report about a vulnerability he had identified, but the executive denies the incident and the surveillance cameras did not record the assault;
    • Zoom delayed fixing a critical vulnerability in its conferencing system and fixed the problem only after public disclosure. The vulnerability allowed an external attacker to obtain data from the webcams of macOS users when they opened a specially crafted page in the browser (Zoom launched an http server on the client side that received commands for the local application);
    • Failure for more than 10 years to fix a problem with the OpenPGP cryptographic key servers, explained by the fact that the code is written in a specific dialect of OCaml and has remained without a maintainer.

  • Most Over-Hyped Bug. Awarded for the most pathetic and large-scale coverage of a problem on the internet and in the media, especially when the vulnerability ultimately turns out to be unexploitable in practice. The award went to Bloomberg for its claim about the discovery of spy chips on Super Micro boards, which was never confirmed, and whose source pointed to entirely different information.

    Mentioned in the nomination:

    • A vulnerability in libssh that affected only isolated server applications (libssh is almost never used for servers), but was presented by NCC Group as a vulnerability allowing an attack on any OpenSSH server;
    • An attack using DICOM images. The point is that one can prepare an executable file for Windows that will look like a valid DICOM image. Such a file can be loaded onto a medical device and executed;
    • The Thrangrycat vulnerability, which allows bypassing the secure boot mechanism on Cisco devices. The vulnerability is regarded as an over-hyped problem because it requires root privileges to attack, but if the attacker has already managed to gain root access, what security is there left to talk about. The vulnerability also won in the category of most underestimated problems, since it allows planting a permanent backdoor in Flash.
  • Most Epic FAIL. The award went to Bloomberg for a series of sensational articles with loud headlines but fabricated facts, suppression of sources, descent into conspiracy theories, use of terms such as "cyber weapons", and unacceptable generalizations. Other nominees included:
    • The ShadowHammer attack on the Asus firmware update service;
    • The hacking of the BitFi wallet advertised as "unhackable";
    • The leak of personal data and access tokens on Facebook.
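As an added illustration of the DICOM item above (example code written for this article, not the researchers' tooling or any vendor's), the following Python builds a constructed minimal DICOM Part 10 file and a constructed PE/DICOM polyglot, then runs the triage check a defender would want: a DICOM reader skips the 128-byte preamble before the "DICM" magic, so a DOS "MZ" header, including the PE-header offset field at 0x3C, fits there untouched. The file layout (preamble, "DICM", a single meta element) and the verdict names are this example's own choices; the sample files are constructed, not real medical images.

```python
import struct

PREAMBLE_LEN = 128          # DICOM Part 10: 128-byte preamble, then "DICM"
DICM_MAGIC = b"DICM"


def build_dicom(preamble: bytes) -> bytes:
    """Constructed minimal DICOM Part 10 file: preamble + magic + one meta element.
    Sample data for this example only; not a real medical image."""
    assert len(preamble) <= PREAMBLE_LEN
    preamble = preamble.ljust(PREAMBLE_LEN, b"\x00")
    # (0002,0010) Transfer Syntax UID, explicit VR little endian:
    # tag (group, element), VR "UI", 16-bit length, even-length value
    value = b"1.2.840.10008.1.2.1\x00"
    elem = (struct.pack("<HH", 0x0002, 0x0010) + b"UI"
            + struct.pack("<H", len(value)) + value)
    return preamble + DICM_MAGIC + elem


def is_dicom(data: bytes) -> bool:
    """A conforming reader only checks for "DICM" at offset 128."""
    return (len(data) >= PREAMBLE_LEN + 4
            and data[PREAMBLE_LEN:PREAMBLE_LEN + 4] == DICM_MAGIC)


def classify(data: bytes) -> str:
    """Triage verdict: does the preamble carry a DOS/PE header?
    "MZ" at offset 0 and a valid e_lfanew at 0x3C pointing at "PE\\0\\0"
    mean the same bytes are also a loadable Windows executable."""
    if not is_dicom(data):
        return "not-dicom"
    pre = data[:PREAMBLE_LEN]
    if pre[:2] != b"MZ":
        return "clean-preamble"
    e_lfanew = struct.unpack_from("<I", pre, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00":
        return "pe-dicom-polyglot"
    return "mz-in-preamble"


def sample_clean() -> bytes:
    """Constructed benign file: all-zero preamble."""
    return build_dicom(b"")


def sample_polyglot() -> bytes:
    """Constructed polyglot: the preamble mimics a DOS header whose e_lfanew
    points past the DICOM portion, where a PE signature is appended."""
    pe_offset = len(build_dicom(b""))   # preamble is always padded to 128 bytes
    pre = bytearray(PREAMBLE_LEN)
    pre[:2] = b"MZ"
    struct.pack_into("<I", pre, 0x3C, pe_offset)
    # Only the PE signature is appended here; a real polyglot would carry
    # full PE headers and sections after it.
    return build_dicom(bytes(pre)) + b"PE\x00\x00" + b"\x00" * 20


if __name__ == "__main__":
    for name, blob in (("clean", sample_clean()), ("polyglot", sample_polyglot())):
        print(name, classify(blob))
```

The check is deliberately conservative: "mz-in-preamble" alone is already worth quarantining, since no legitimate imaging workflow puts a DOS header in the preamble, while "pe-dicom-polyglot" confirms that the PE signature the header points at is actually present in the file.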

Source: opennet.ru
