Thursday, January 20 2022

Many Android apps have yet to patch bug in Google Play Core Library


Client-side vulnerabilities in the Google Play Core Library, patched by the company in April, are still present in many Android apps because developers have not yet included the patch in these apps.

Security company Check Point said it had been monitoring vulnerable applications since the release of the patch.

Explaining the library’s functions, Check Point researchers Aviran Hazum and Jonathan Shimonovich wrote: “The Play Core Library is your app’s running interface with the Google Play Store. Some of the things you can do with Play Core include: download additional language resources; manage feature module delivery; manage asset package delivery; trigger in-app updates; and request in-app reviews.”

They said the vulnerability could be described briefly this way: “Inside each application’s sandbox, there are two folders: one for ‘checked’ files received by Google Play, and another for ‘unverified’ files. Downloaded files from Google Play services go to the checked folder, while files downloaded from other sources are sent to the unverified folder. When a file is written to the checked folder, it interacts with the Google Play Core library that loads and executes it.

“Another feature, exported intent, allows other sources to push files into the sandbox of the hosting application. There are some limitations: the file is pushed to the unverified folder, and it is not handled automatically by the library.

“The vulnerability lies within the combination of the two features mentioned above, and also uses file-crossing, a concept as old as the Internet itself. When a third-party source pushes a file to another program, it needs to supply a path for the file to be written in. If an attacker uses a file traversal (../verified_splits/my_evil_payload.apk), the payload is written to the checked folder, and loaded automatically to the vulnerable application and executed within its scope.”
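The containment check that stops a supplied path from leaving its intended folder, shown as an added example (not code from Check Point, Google or the Play Core Library). The class and method names and the `unverified_splits` directory name are hypothetical; the traversal string is the one quoted above.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;

// Added example: SplitFileGuard, resolveInside and "unverified_splits" are hypothetical names.
public class SplitFileGuard {

    /** Resolve a caller-supplied file name inside baseDir, or throw if it escapes. */
    static Path resolveInside(Path baseDir, String suppliedName) throws IOException {
        if (suppliedName == null || suppliedName.isEmpty()) {
            throw new SecurityException("empty file name");
        }
        Path base = baseDir.toRealPath();                      // canonical form, symlinks resolved
        Path target = base.resolve(suppliedName).normalize();  // collapses "." and ".." segments
        // Path.startsWith compares whole path elements, so a sibling directory
        // whose name merely begins with the base name does not pass.
        if (!target.startsWith(base) || target.equals(base)) {
            throw new SecurityException("path escapes " + base + ": " + suppliedName);
        }
        return target;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sandbox layout standing in for an app's private storage.
        Path sandbox = Files.createTempDirectory("sandbox");
        Path unverified = Files.createDirectories(sandbox.resolve("unverified_splits"));
        Files.createDirectories(sandbox.resolve("verified_splits"));

        String[] names = {
            "feature_x.apk",                           // ordinary name: accepted
            "../verified_splits/my_evil_payload.apk",  // traversal string quoted in the article
            "/data/local/tmp/abs.apk",                 // absolute path: replaces the base on resolve
        };
        for (String name : names) {
            try {
                Path p = resolveInside(unverified, name);
                System.out.println("ACCEPT " + name + " -> " + p);
            } catch (SecurityException e) {
                System.out.println("REJECT " + name);
            }
        }
    }
}
```

Only the first name is accepted; the check runs before any bytes are written, so a rejected name never reaches the folder whose contents are loaded automatically.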

Some of the best known apps that use this library are Google Chrome, Facebook, Instagram, WhatsApp, SnapChat, Booking and Edge.

The researchers said that if a malicious application could exploit the vulnerability, then it would be able to run code inside many popular apps with the same permissions as the app itself.

“The possibilities are limited only by our creativity,” said Hazum and Shimonovich, citing the following examples:

  • Inject code into banking applications to grab credentials, and at the same time get SMS permission to steal the two-factor authentication codes.
  • Inject code into business applications to access corporate resources.
  • Inject code into social media applications to spy on the victim, and use location access to track the device.
  • Inject code into instant messaging apps to grab all messages, and possibly send messages on behalf of the victim.

In September, 13% of Google Play applications analyzed used the library, and 8% had a vulnerable version, the duo found.

The following apps were found to have a vulnerable version of the library: Viber, Booking (both now patched), Cisco Teams (patched on 3 December), Yango Pro (Taximeter), Moovit (patched on 3 December), Grindr (patched on 3 December), OKCupid, Microsoft Edge, Xrecorder and PowerDirector.

“Like our demo video [above] shows, it’s easy to exploit this vulnerability,” said Hazum and Shimonovich. “All you have to do is create a ‘hello world’ application that calls the exported intent in the vulnerable app to push a file to the checked files folder with the file-crossing path.

“Then sit back and watch the magic happen. To demonstrate targeting a specific application, we took a vulnerable version of the Google Chrome application and created a dedicated payload to grab its bookmarks.”
