Exploring the New World : Remote Exploitation of SQLite and Curl

Video Link: https://www.youtube.com/watch?v=Sv779mzXCbE



Duration: 46:52


Wenxiang Qian | Senior security researcher, Tencent Blade Team
YuXiang Li | Senior security researcher, Tencent Blade Team
HuiYu Wu | Senior security researcher, Tencent Blade Team
Location: Lagoon GHI
Date: Thursday, August 8 | 5:00pm-6:00pm
Format: 50-Minute Briefings
Tracks: Exploit Development, Internet of Things

Over the past years, our team has used several new approaches to identify multiple critical vulnerabilities in SQLite and Curl, two of the most widely used basic software libraries. These two sets of vulnerabilities, which we named "Magellan" and "Dias" respectively, affect many devices and software. We exploited these vulnerabilities to break into some of the most popular Internet of Things devices (including Google Home with Chrome), one of the most widely used Web servers (Apache+PHP) and one of the most commonly used developer tools (Git).

In this presentation, we will share new methods to discover vulnerabilities in SQLite and Curl through fuzzing and manual auditing. Through these methods, we found "Magellan", a set of three heap buffer overflow and heap data disclosure vulnerabilities in SQLite (CVE-2018-20346, CVE-2018-20505, CVE-2018-20506). We also found "Dias", two remote memory leak and stack buffer overflow vulnerabilities in Curl (CVE-2018-16890 and CVE-2019-3822). Considering the fact that these vulnerabilities affect many systems and software, we have issued a vulnerability alert to notify the vulnerable vendor to fix it.

We will disclose the details of "Magellan" and "Dias" for the first time and highlight some of our new vulnerability exploitation techniques. In the first part, we will analyze how to use Magellan to complete the first public remote exploit of Google Home. In the second part, we will talk about how to use Dias to complete the remote attack on Apache+PHP and Git. Finally, we will summarize our research and provide some security development advice to the basic software library developers.

Black Hat - USA - 2019 Hacking conference