The team contacted the SHAREit Team multiple times over multiple platforms in early January 2018 but got no response until early February when the researchers warned the company to release the vulnerability details to the public after 30 days. Using their proof-of-concept exploit dubbed DUMPit!, the researchers managed to download nearly 3000 unique files having around 2GBs in less than 8 minutes of file transfer session. "There are other files that contain juicy information such as user's Facebook token, Amazon Web Service user's key, auto-fill data and cookies of websites visited using SHAREit webview and even the plaintext of user's original hotspot (the application stores it to reset the hotspot settings to original values) and much more," researchers said. To overcome this, researchers started looking for files with known paths that are already publicly available, including SHAREit History and SHAREit MediaStore Database, which may contain interesting information. Since exploitation simply involves sending a curl command referencing the path of the target file, one should know the exact location of the file one would like to retrieve. The flaws could be exploited by an attacker on a shared WiFi network, and unfortunately vulnerable SHAREit versions create an easily distinguished open Wi-Fi hotspot which one can use not only to intercept traffic (since it uses HTTP) between the two devices, but also to exploit the discovered vulnerabilities and have unrestricted access to vulnerable device storage. Since the SHAREit app fails to validate the 'msgid' parameter-a unique identifier generated for each request when the sender initiates a download-this enables a malicious client with a valid session to download any resource by directly referencing its identifier. Researchers also found that when a download request is initiated, SHAREit client sends a GET request to the sender's HTTP server, which looks like the following URL: SHAREit server hosts multiple services via different ports on a device, but the researchers analyzed two designated services including Command Channel (runs on Port 55283) and Download Channel (runs on Port 2999).Ĭommand Channel is a regular TCP channel where app exchanges messages with other SHAREit instances running on other devices using raw socket connections, including device identification, handling file transmission requests, and checking connection health.ĭownload Channel is the SHAREit application's own HTTP server implementation which is mainly used by other clients to download shared files.Īccording to the researchers, when you use the SHAREit Android app to send a file to the other device, a regular file transfer session starts with a regular device identification, then the 'sender' sends a control message to the 'receiver,' indicating that you have a file to share. "We wanted to give as many people as we can the time to update and patch their devices before disclosing such critical vulnerability," said Abdulrahman Nour, a security engineer at RedForce. The developers frequently scrutinize the app for viruses and similar types of malware.The vulnerabilities were initially discovered over a year back in December 2017 and fixed in March 2018, but the researchers decided not to disclose their details until Monday "given the impact of the vulnerability, its big attack surface and ease of exploitation." There are alternative apps such as Xender, Nearby Share, Z Share, and Files by Google used in countries that ban certain Chinese products such as SHAREit. SHAREit may not work in some countries, such as India because of its ban. It’s also recommended to disable the antivirus and firewall so the app works efficiently. You can resolve SHAREit issues by disabling the hotspot and Wi-Fi connection on your device. SHAREit can transfer all file types, including apps, music, and videos. Compared to Bluetooth, it’s several times faster, and its speed can reach 20MB/s. Once you set up SHAREit on Android, you can transfer files without losing quality. The two devices being used are held nearby for a file to be shared using their built-in hotspot feature. SHAREit has a unique feature where it doesn’t need an Internet or Bluetooth connection to work. Toggle on “Allow installation from this source,” then go back to the installation and click "Done." How SHAREit works Click on “Settings” when the dialog box prompt pops up. To download and install is easy, but it requires Android 4.0 or higher. It’s one of the reasons it’s a preferred platform. Users will be happy to know that SHAREit is free to download for Android devices.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |