A malicious developer needs to only call on the ShareIt's file-content provider and pass it a file path for the developer to get back any of the files in ShareIt's "private" directory. This indicates that any third-party entity can still gain temporary read/write access to the content provider's data." Passing along some permissions is normal, but Trend Micro found that ShareIt doesn't try to scope down its permissions at all and will happily serve up its files to any app that asks. The report says: "The developer behind this disabled the exported attribute via android:exported="false", but enabled the android:grantUriPermissions="true" attribute. Advertisementįurther Reading Fortnite’s Android vulnerability leads to Google/Epic Games spatShareIt doesn't seem to have given much thought to the need to sanitize its content-provider capabilities. ShareIt's website (which, just like the app, does not default to HTTPS) says the service is "now a leading content platform" and popular in Southeast Asia, South Asia, the Middle East, Africa, and Russia. The app was considered one of the best for local file sharing, but today the Play Store listing shows an app that offers "Infinite Online Videos," "Tens of millions of high-quality songs," "GIFs, Wallpapers & Stickers," a "popular" media section that looks like a social network, a game store, a retail movie download section, COVID-19 check-in activity and case statistics, and what looks like its own form of currency. ShareIt's incredible success of a billion Android downloads and 1.8 billion users worldwide (there are also iOS, Windows, and Mac apps) has led to what looks like an incredible amount of app bloat. The security firm says it shared these vulnerabilities with ShareIt three months ago, but the company has yet to issue patches. Trend Micro says compromising the app can lead to remote code execution. It can delete apps, run at startup, create accounts and set passwords, and do a whole lot more. ![]() According to the Play Store permissions readout, ShareIt requests access to the entire user storage and all media, the camera and microphone, and location. The report says ShareIt's vulnerabilities can "be abused to leak a user's sensitive data and execute arbitrary code with ShareIt permissions." ShareIt's permissions, as a local file-sharing app, are pretty extensive. ShareIt has been downloaded over a billion times from the Play Store, and, according to App Annie, was one of the 10 most globally downloaded apps in 2019. The app was originally developed by Lenovo (it has since spun off into its own company) and for a time was pre-installed on Lenovo phones. xml file and most of the URLs therein use the insecure http protocol, making them possible MITM vectors as well.Trend Micro says it has found "several" security flaws in the popular Android app ShareIt. The app allows the download of other game apps listed in an. ![]() The researchers say that when the app downloads other apps from the download center, it checks an external directory that can be written to by any third-party app that has SDcard write permission. ![]() What's more, SHAREit is also vulnerable to a miscreant-in-the-middle (MITM) attack. ![]() While they note that Google Chrome implements a defense against silent app installation via deep link URL, they point out that a local app could still trigger a download and installation from an arbitrary URL. Duan and Chang say it's possible to install a malicious app and enable limited remote code execution. Because this feature will install an Android APK with the file suffix. The app also implements a deep linking feature that allows it to download files from any http/https URL that includes *. or domain.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |