Closed
Bug 985057
Opened 10 years ago
Closed 7 years ago
Check for DLL injection with installer
Categories
(Firefox :: Installer, defect)
RESOLVED
DUPLICATE
of bug 1361326
People
(Reporter: kjozwiak, Unassigned)
References
Details
(Keywords: csectype-priv-escalation, sec-audit)
Attachments
(5 files)
This issue is the exact same as Bug #945192 but will concentrate on the unknown DLLs that are being loaded while installing Firefox via the regular installer. Current progress can be found here: https://intranet.mozilla.org/User:Kjozwiak@mozilla.com/DLL_Hijacking_via_Installer
Updated•10 years ago
|
Component: Application Update → Installer
Product: Toolkit → Firefox
Reporter | ||
Updated•10 years ago
|
Summary: The updater.exe loads the bcrypt.dll from the working directory (Installer) → Check for DLL injection with installer
Reporter | ||
Comment 1•10 years ago
|
||
Quick Update:
- Installed all the needed Win OS's (both x64 and x86 versions)
- Went through each OS and listed all the unknown DLLs (went through this process twice to make sure nothing was missing)
- Once the entire unknown DLL list was created, went through each OS one more time to make sure nothing was missed
- Beginning to create the exploit DLLs using the utility/process mentioned in bug #945192 comment #10 (will be adding those steps in the wiki for future reference)
Reporter | ||
Comment 2•10 years ago
|
||
Progress:
* Windows XP SP3 x86 [FOUND 0 DLLs]
* Windows XP SP2 x64 [Found 1 POSSIBLE DLL]
* Windows Vista x86 [FOUND 1 DLL & 1 CRASH]
* Windows Vista x64 [FOUND 1 DLL & 1 CRASH]

Windows XP doesn't have integrity levels, as this was introduced in Win Vista. We should check the DLLs that are spawning CMDs and ensure that they're not running in high integrity in Win XP.
Reporter | ||
Comment 3•10 years ago
|
||
Reporter | ||
Comment 4•10 years ago
|
||
Progress:
* Windows 7 x86 [Found 1 DLL]
* Windows 7 x64 [Found 1 DLL]
Reporter | ||
Comment 5•10 years ago
|
||
Progress:
* Windows 8 x86 [FOUND 3 DLLs]
* Windows 8 x64 [FOUND 3 DLLs]
Reporter | ||
Comment 6•10 years ago
|
||
Completed going through the entire list of unknown DLLs for each of the OS's when installing fx via the "installer". Please follow the link in comment #0 to see which DLLs are vulnerable.
* Windows 8.1 x86 [FOUND 1 DLL]
* Windows 8.1 x64 [FOUND 1 DLL]
Comment 7•10 years ago
|
||
Thanks Kamil!
Updated•10 years ago
|
Updated•9 years ago
|
Group: core-security → firefox-core-security
Updated•7 years ago
|
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
Updated•4 years ago
|
Group: firefox-core-security