New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Arbitrary code execution through loading a malicious project #789
Comments
Congratulations. That's a nice discovery! |
Thanks for finding this...we are investigating it. |
Thanks for bringing us this awesome dissembler. |
dev747368
added a commit
to dev747368/ghidra
that referenced
this issue
Jul 19, 2019
…t files from zip. Abstracted guts of GFileSystemExtractAllTask, reused in RestoreTask. Fixed NPE in RestoreTask if restore was canceled.
dev747368
added a commit
to dev747368/ghidra
that referenced
this issue
Jul 22, 2019
@xiaofen9 - please reopen this issue if this didn't address the problem |
Issue fixed according to my exploit.
Thanks.
Best regards,
Feng Xiao
dev747368 <notifications@github.com> 于2019年7月23日周二 上午10:16写道:
… @xiaofen9 <https://github.com/xiaofen9> - please reopen this issue if
this didn't address the problem
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#789?email_source=notifications&email_token=AE7S43JY2K35C5MSGF4XSFTQA4HCNA5CNFSM4IDQWNNKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD2TIEDA#issuecomment-514228748>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AE7S43I6BJQ55XUCAHX4RU3QA4HCNANCNFSM4IDQWNNA>
.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
A path traversal vulnerability exists in RestoreTask.java from package ghidra.app.plugin.core.archive. This vulnerability allows attackers to overwrite arbitrary files in the system. To achieve arbitrary code execution, one of the solutions is to overwrite some critical ghidra modules, e.g., decompile module (In this case we need to know the installation path of ghidra).
To Reproduce
Expected behavior
Here is a demo of the attack behavior.
https://youtu.be/RGqQMUd9hZM
Environment (please complete the following information):
Remark
The vulnerability was found by researchers from GTISC@Georgia Tech.
The text was updated successfully, but these errors were encountered: