SHAREit Vulnerabilities Could Allow Remote Code Execution, Leak Sensitive Data

SHAREit was among the 59 apps banned in June 2020 in India because it was made by Chinese developers.

By Vineet Washington | Updated: 18 February 2021 16:22 IST

SHAREit Vulnerabilities Could Allow Remote Code Execution, Leak Sensitive Data

Photo Credit: Google Play

SHAREit is not available on Google Play in India

Highlights

SHAREit vulnerabilities could allow attackers to install malicious apps
Attackers could perform remote code execution
SHAREit was banned in India in June 2020

SHAREit app has been found to have vulnerabilities that can be exploited to leak sensitive data and execute arbitrary code. A cyber-security software company has discovered “several vulnerabilities” in SHAREit and states that these are most likely unintended flaws in the app. The company says it has informed Google of these vulnerabilities. In India, SHAREit was banned back in June last year along with 58 other apps including TikTok, UC Browser, WeChat, and others. These apps had one common factor – they were all of Chinese origin.

Trend Micro, a cyber-security software company, discovered various vulnerabilities in file sharing app SHAREit. To do so, it built a proof-of-concept (POC) code which showed that any app can invoke a StartActivity function in SHAREit, including its internal (non-public) and external app activities. It was also found that any third-party entity can gain temporary read/ write access to the content of the person who is sharing the data. The POC code read WebView cookies and it was noted that this code can be used to write any files in the app's data folder. This means that the files can be overwritten as well.

Attackers could also craft a fake vdex/ odex file – that SHAREit generates when first launched – and then replace those files due to the vulnerability, allowing the attacker to perform code execution.

US Said to Be Considering Adding Alibaba, Tencent to China Stock Ban

Trend Micro found that SHAREit provides a feature that can install an APK with the file name suffix ‘sapk' that can be used to install a malicious app. This would enable a limited Remote Code Execution (RCE) when the user clicks on a URL (SHAREit has deep links using URL leading to specific features in the app).

The company built an href attribute in HTML to verify RCE with Google Chrome browser. Chrome was coded to call SHAREit to download the sapk from http://gshare.cdn.SHAREitgames.com and since it supports HTTP protocol, the company found it can be replaced by simulating a man-in-the-middle (MitM) attack. This would allow malware to be downloaded to the user's phone.

Additionally, SHAREit is susceptible to a man-in-the-disk (MITD) attack as when a user downloads a certain app through SHAREit, it goes to a folder in an external directory. This means that the app can access the directory with SD card write permission.

Government Bans 47 Additional Chinese Apps in India: Report

Trend Micro recommends regularly updating mobile operating systems and the apps in order to try and prevent such vulnerabilities negatively affecting you. The Indian government banned SHAREit and 58 other apps back in June 2020 as they were of Chinese origin.

Is Mi 10i a OnePlus Nord killer? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts, Google Podcasts, or RSS, download the episode, or just hit the play button below.

Affiliate links may be automatically generated - see our ethics statement for details.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.