


The SHAREit server hosts multiple services via different ports on a device, but the researchers analyzed two designated services: Command Channel (runs on port 55283) and Download Channel (runs on port 2999).

Command Channel is a regular TCP channel where the app exchanges messages with other SHAREit instances running on other devices using raw socket connections, including device identification, handling file transmission requests, and checking connection health.

Download Channel is the SHAREit application's own HTTP server implementation, which is mainly used by other clients to download shared files.

According to the researchers, when you use the SHAREit Android app to send a file to the other device, a regular file transfer session starts with a regular device identification, then the 'sender' sends a control message to the 'receiver,' indicating that you have a file to share.

"We wanted to give as many people as we can the time to update and patch their devices before disclosing such critical vulnerability," said Abdulrahman Nour, a security engineer at RedForce.

The vulnerabilities were initially discovered over a year back in December 2017 and fixed in March 2018, but the researchers decided not to disclose their details until Monday "given the impact of the vulnerability, its big attack surface and ease of exploitation."
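To check whether a device is exposing the two services described above, a defender can look for listening sockets on ports 55283 and 2999 in the kernel's socket table. The following is an added example, not code from the researchers or from SHAREit: it parses text in the Linux/Android `/proc/net/tcp` layout, the sample rows and the function names are constructed for illustration, and it assumes the IPv4 table on a little-endian device (`/proc/net/tcp6` uses wider addresses and is not handled).

```python
# Added example: flag listeners on the two SHAREit ports named in the article.
SHAREIT_PORTS = {55283: "Command Channel", 2999: "Download Channel"}
TCP_LISTEN = "0A"  # state code for LISTEN in /proc/net/tcp

# Constructed sample in /proc/net/tcp layout (not captured from a real device).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:D7F3 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10123        0 4711 1
   1: 00000000:0BB7 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10123        0 4712 1
   2: 0100007F:13AD 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 4713 1
   3: 0501A8C0:D7F3 0901A8C0:C350 01 00000000:00000000 00:00000000 00000000 10123        0 4714 1
"""


def decode_ipv4(hex_addr):
    """Convert the little-endian hex address used by /proc/net/tcp to dotted form."""
    return ".".join(str(b) for b in reversed(bytes.fromhex(hex_addr)))


def find_shareit_listeners(proc_net_tcp_text):
    """Return one dict per LISTEN socket bound to a SHAREit port."""
    findings = []
    for line in proc_net_tcp_text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 8 or fields[3] != TCP_LISTEN:
            continue  # malformed row, or an established/closing connection
        addr_hex, port_hex = fields[1].split(":")
        port = int(port_hex, 16)
        if port not in SHAREIT_PORTS:
            continue
        addr = decode_ipv4(addr_hex)
        findings.append({
            "service": SHAREIT_PORTS[port],
            "port": port,
            "address": addr,
            "uid": int(fields[7]),  # owning app's UID, useful to map to a package
            # Anything not bound to loopback is reachable from the local network.
            "network_reachable": not addr.startswith("127."),
        })
    return findings


if __name__ == "__main__":
    for f in find_shareit_listeners(SAMPLE):
        print(f)
```

On a real device the input would be the contents of `/proc/net/tcp`; a hit on either port means the service is running and, if bound to a non-loopback address, reachable by other hosts on the same network.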
