LAS VEGAS – Researchers at Check Point have identified a new class of vulnerabilities targeting SQLite, outside the context of a browser for the first time. The new attack techniques exploit memory-corruption issues in the SQLite engine itself - leading to a host of new hacks, including code execution on an iOS device.

SQLite is a lightweight, self-contained database engine widely used in browsers, operating systems and mobile phones.

“SQLite is one of the most deployed software in the world. However, from a security perspective, it has only been examined through the lens of WebSQL and browser exploitation,” said Omer Gull, vulnerability researcher at Check Point, at DEF CON on Saturday, adding that SQLite attack scenarios should be considered a “major cyber-threat.”

Check Point demonstrated at the show how an attack against SQLite could be used to bypass the iPhone’s secure boot mechanism in iOS by replacing the contacts database (AddressBook.sqlitedb) prior to reboot with a rogue database - leading to privilege escalation.

“We can gain administrative control of the device through the database engine that iOS uses (SQLite)… iPhone’s contacts are stored in SQLite databases and that is how a hacker gains entry,” said Gull.

The overall attack technique targeting SQLite allows an attacker to take control of a SQLite database. (See bottom of page for video demo of hack.)

“Any code, web or native, querying an attacker-controlled database might be in danger,” the researcher said.

While all SQLite issues were disclosed privately and patched (CVE-2019-8600, CVE-2019-8598, CVE-2019-8602, CVE-2019-8577) in the latest SQLite version along with iOS patches deployed in May by Apple (iOS 12.3), researchers said there are countless problematic scenarios that should give researchers pause.

The roots of Check Point’s unearthing of this new class of vulnerabilities trace back to work by researchers looking to backdoor password-stealing malware samples Azorult, Loki Bot and Pony.

“After the malware collects these SQLite files, it sends them to its C2 server where they are parsed using PHP and stored in a collective database containing all of the stolen credentials,” researchers outlined in a technical paper.

“Skimming through the leaked source code of such password-stealers, we started speculating about the attack surface described above.”
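The practical lesson of the research above is that a SQLite file handed to you by someone else (a stolen browser profile arriving at a C2 server, a contacts database restored onto a phone) is untrusted input, not just data. The following defensive screen is an added example written for this page, not code from Check Point or the SQLite project; it assumes Python's bundled sqlite3 module and constructs its own sample files. Only the header checks run before any SQLite code executes; the integrity check and the inventory of triggers and views already exercise the parser, so they only add protection on a patched library.

```python
import os
import sqlite3
import tempfile
from urllib.parse import quote

SQLITE_MAGIC = b"SQLite format 3\x00"  # first 16 bytes of every SQLite 3 file

def inspect_untrusted_sqlite(path):
    """Screen a SQLite file from an untrusted source before the application
    queries it; refuse it when 'ok' is False, and treat triggers or views the
    application never created as a red flag. Header checks use no SQLite code."""
    out = {"ok": False, "reasons": [], "triggers": [], "views": []}
    with open(path, "rb") as fh:
        header = fh.read(100)
    if len(header) < 100 or not header.startswith(SQLITE_MAGIC):
        out["reasons"].append("bad magic or truncated header")
        return out
    page_size = int.from_bytes(header[16:18], "big")
    page_size = 65536 if page_size == 1 else page_size  # value 1 encodes 64 KiB
    if not 512 <= page_size <= 65536 or page_size & (page_size - 1):
        out["reasons"].append("invalid page size %d" % page_size)
        return out
    # From here on the SQLite parser itself runs, which only helps on a patched
    # library; open read-only so the file cannot provoke writes on our side.
    conn = sqlite3.connect("file:%s?mode=ro" % quote(path), uri=True)
    try:
        if conn.execute("PRAGMA integrity_check").fetchone()[0] != "ok":
            out["reasons"].append("integrity_check failed")
            return out
        rows = conn.execute("SELECT type, name FROM sqlite_master").fetchall()
    finally:
        conn.close()
    for kind, name in rows:
        if kind in ("trigger", "view"):
            out[kind + "s"].append(name)
    out["ok"] = True
    return out

def make_constructed_samples():
    """Constructed inputs: a valid contacts DB carrying a trigger, and a junk file."""
    d = tempfile.mkdtemp()
    good, junk = os.path.join(d, "good.sqlitedb"), os.path.join(d, "junk.sqlitedb")
    conn = sqlite3.connect(good)
    conn.execute("CREATE TABLE contacts(id INTEGER PRIMARY KEY, name TEXT)")
    conn.execute("CREATE TRIGGER audit AFTER INSERT ON contacts BEGIN SELECT 1; END")
    conn.commit()
    conn.close()
    open(junk, "wb").write(b"not a database")
    return good, junk
```

A file that passes the screen but lists triggers or views your own code never defined should still be rejected or quarantined, since such objects execute SQL of the file author's choosing whenever the consumer runs an ordinary query.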