Posachedwa wofufuza waku Russia adatulutsa tsatanetsatane wazowopsa za masiku zero ku VirtualBox zomwe zimalola wowukira kuti atuluke pamakinawo kuti apange nambala yoyipa pamakina ogwiritsira ntchito.
Wofufuza waku Russia a Sergey Zelenyuk adapeza chiopsezo cha masiku zero chomwe chimakhudza mwachindunji mtundu wa 5.2.20 wa Virtual Box, komanso matembenuzidwe am'mbuyomu.
Kuopsa kumeneku kwapezeka amalola womenyerayo kuthawa makinawo (makina ogwiritsira ntchito alendo) ndikusunthira ku Ring 3, kuti kuchokera pamenepo mutha kugwiritsa ntchito njira zomwe zilipo kuti mukwaniritse mwayi ndikufikira dongosolo loyendetsa (kernel kapena ring 0).
Malinga ndi zomwe zawululidwa koyambirira, vutoli lilipo mu pulogalamu yapa pulogalamu yapa pulogalamu yolumikizira, yomwe ilipo pamakina onse othandizidwa.
Zotsatira
Pazovuta za Zero-Day zomwe zimapezeka mu VirtualBox
Malinga ndi fayilo yolemba yomwe idakwezedwa ku GitHub, Wofufuza wofufuza ku Saint Petersburg a Sergey Zelenyuk, anakumana ndi zolakwika zingapo zomwe zingalole kuti nambala yoyipa ituluke pamakina a VirtualBox (makina ogwiritsira ntchito alendo) ndipo amayendetsa makina oyendetsera (host).
Mukakhala kunja kwa VirtualBox VM, nambala yoyipa imayendera malo ochepa ogwiritsa ntchito.
"Zopezazo ndizodalirika 100%," adatero Zelenyuk. "Zikutanthauza kuti imagwira ntchito nthawi zonse kapena ayi chifukwa chosagwirizana bwino kapena zifukwa zina zobisika zomwe sindinaganizire."
Wofufuza waku Russia akuti zero-day imakhudza mitundu yonse yaposachedwa ya VirtualBox, imagwira ntchito posatengera alendo kapena alendo OS kuti wogwiritsa ntchito akuthamanga, ndipo ali wodalirika motsutsana ndi makonda osakwanira amakina omwe angopangidwa kumene.
A Sergey Zelenyuk, posagwirizana kotheratu ndi zomwe Oracle adayankha pulogalamu yawo yolakwika ndi kuwopsa kwa "kutsatsa," adayikanso kanema ndi PoC akuwonetsa masiku a 0 akugwira ntchito motsutsana ndi makina a Ubuntu omwe imayendetsa mkati mwa VirtualBox pa host OS komanso kuchokera ku Ubuntu.
Zelenyuk akuwonetsa tsatanetsatane wa momwe kachilomboka kangagwiritsidwe ntchito pamakina osinthidwa yokhala ndi "Intel PRO / 1000 MT Desktop (82540EM)" adaputala yamaukonde mumachitidwe a NAT. Ndiko kukhazikitsa kosasintha kwa machitidwe onse a alendo kuti athe kulumikizana ndi ma network akunja.
Momwe chiwopsezo chimagwirira ntchito
Malinga ndi ulangizi wopangidwa ndi Zelenyuk, chosinthira ma netiweki sichikhala pachiwopsezo, kulola woukirayo wokhala ndi mwayi / mizu kuthawa kuti akalandire mphete 3. Kenako, pogwiritsa ntchito njira zomwe zilipo, wowomberayo atha kukulitsa mwayi wa Ring - kudzera / dev / vboxdrv.
"[Intel PRO / 1000 MT Desktop (82540EM)] ili pachiwopsezo chomwe chimalola wovutitsayo wokhala ndi mwayi wotsogolera / mizu kwa mlendo kuthawira ku ring3. Kenako womenyerayo atha kugwiritsa ntchito njira zomwe zilipo kale kuti awonjezere mwayi woyimba 0 kudzera pa / dev / vboxdrv, "Zelenyuk akufotokoza mu pepala lake loyera Lachiwiri.
zelenyuk akuti chinthu chofunikira pakumvetsetsa momwe chiwopsezo chimagwirira ntchito ndikumvetsetsa kuti ma handles amasinthidwa asanafotokozere za deta.
Wofufuzirayo amafotokoza mwatsatanetsatane zomwe zimapangitsa kusokonekera kwachitetezo, ndikuwonetsa momwe angayambitsire zofunikira zofunika kuti apeze kusefukira kwa buffer komwe kumatha kuzunzidwa kuthawa m'ndende za makina opangira.
Choyamba, zidapangitsa kuti zinthu ziziyenda bwino kwambiri pogwiritsa ntchito mapaketi - magawo a data omwe amalola adaputala kuti azitha kupeza ma paketi amtundu wa memory memory.
Boma lino lidazunzidwa kuti liwerenge zambiri kuchokera pamakina ogwiritsira ntchito alendo kukhala chosungira mulu ndikupangitsa zinthu kusefukira zomwe zingapangitse kuti zolembera zigwiritsidwe ntchito; kapena kuyambitsa kuchuluka kwa kuchuluka.
Katswiriyu akuwonetsa kuti ogwiritsa ntchito amachepetsa vutoli posintha khadi yapaintaneti pamakina awo kukhala AMD PCnet kapena chosinthira chophatikizira kapena popewa kugwiritsa ntchito NAT.
“Mpaka pomwe makina okhala ndi VirtualBox atatuluka, mutha kusintha kirediti kadi yanu yamakina kukhala PCnet (iliyonse) kapena Paravirtualized Network.
Ndemanga za 2, siyani anu
Kutukuka kwambiri komanso luso laubongo wanga ... sindimamvetsetsa kotala la kotala lomwe limagwiritsa ntchito.
Vuto lalikulu ndilakuti ambiri omwe ali ndi Linux amagwiritsa ntchito VirtualBox kukhala ndi Windows, ndipo zimapezeka kuti Windows 7 ilibe dalaivala wa makhadi omwe katswiri akulangiza kuyika, ndipo choyipa kwambiri, ngati mungayang'anire driver wa PCnet pa intaneti, zimawoneka kuti Mukaisanthula ndi virustotal kapena ina iliyonse mumapeza zabwino 29 zapa virus, muwona momwe wina angayikitsire.