当前位置:首页 > 报告详情

QuickShell:分享即关爱——针对 QuickShare 的远程代码执行攻击链.pdf

上传人: 竿*** 编号:982138 2025-11-29 104页 5.78MB

1、QuickShellSharing is caring about an RCE attack Sharing is caring about an RCE attack chain on Quick Sharechain on Quick ShareOr YairSecurity Research Team Lead at SafeBreach8 years in Security ResearchPast research in Linux,embedded,Android5 years Windows researchShmuel Cohen-Contributer6+years in

2、Security IndustryPast APT Malware Researcher4+years Windows researchAgendaWhy Quick ShareProtocol OverviewFuzzingResearch Approach Shift+Vulnerability DiscoveryRCE ChainTakeawaysGitHub+Q&AWhat is Quick Share?Quick ShareWhy Quick Share?Quick Share Windows VersionQuick Share Pre-installation“were work

3、ing with leading PC manufacturers like LG to expand Quick Share to Windows PCs as a pre-installed app.”Google:Quick Share Communication MethodsVarious communication methods1st time by Google on WindowsPrevious Research2019 by Daniele Antonioli,Nils Ole Tippenhauer,Kasper Rasmussen:“Nearby Threats:Re

4、versing,Analyzing,and Attacking Googles Nearby Connections on Android”About Nearby Connections APIOnly AndroidNo CVEshttps:/francozappa.github.io/publication/rearby/paper.pdfNearby&Chromium Open-Source ReposContain part of the code for Quick Share for Windows New Windows App New App New vulnsWindows

5、 app will be pre-installedVarious communication methods Various attack vectorsGoogles first Windows app to use these APIsSome of the code is open-sourceNo CVEsWhy Quick ShareResearch GoalFirst RCE in Quick ShareProtocol InvestigationInvestigating The“nearby”repoFinding the communication functions Se

6、nd&Recv:Protobuf and Offline FramesProtobuf and Offline Framesoffline_wire_formats.protoQuickSniff 1stToolHooking Quick Share to sniff sent and received Offline Frames on WindowsProtocol OverviewNearby Connections APIQuick Share ImplementationNearby Connections APIProtobuf BasedEncryption-Googles Uk

word格式文档无特别注明外均可编辑修改,预览文件经过压缩,下载原文更清晰!
三个皮匠报告文库所有资源均是客户上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作商用。
根据报告的内容,全文主要内容概括如下: - **Quick Share 安全问题**:Quick Share 在 Windows 版本中存在多个安全漏洞,包括远程代码执行(RCE)风险。 - **研究目标**:发现 Quick Share 的第一个 RCE 漏洞,并研究其协议和实现方式。 - **漏洞类型**:包括远程文件写入、强制 WiFi 连接、目录遍历、拒绝服务(DoS)等。 - **研究方法**:使用模糊测试和逻辑漏洞分析。 - **发现成果**:发现了 10 个漏洞,包括一个 RCE 漏洞。 - **Google 响应**:Google 已部署修复措施,并发布了 CVE 编号。 - **教训**:简单或已知问题可能隐藏严重风险,不应被低估。
漏洞背后的真相?" Quick Share如何被攻破?" Quick Share安全漏洞全解析"
客服
商务合作
小程序
服务号
折叠