Exploit to write outside of BTSync folder


Deco


Howdy!

I went into my "RandomSecrets" folder today and found this:

GFQvfhC.png

This is definitely not one of the secrets I subscribed to, and I did not create it manually.

It seems there is a way to write outside the synchronized folder. I suspect it's probably something along the lines of "..\Have you got a virus". If that's true, then they could easily install malicious software in a higher directory.

How can I help in investigating this?

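The suspicion in the opening post, a peer-supplied name such as `..\Have you got a virus` resolving above the synced folder, is something a receiving client can check before it writes anything. The sketch below is an added example, not BitTorrent Sync's code and not from any poster in this thread; the sync root, function names and sample names are constructed for illustration.

```python
import ntpath  # Windows path rules, usable on any OS

# Constructed sync root for illustration (assumption, not from the thread).
SYNC_ROOT = r"C:\Sync\RandomSecrets"


def resolve_inside(root: str, peer_name: str) -> str:
    """Return the destination for a peer-supplied relative name,
    or raise ValueError if it would land outside `root`."""
    drive, rest = ntpath.splitdrive(peer_name)
    # Drive-qualified, UNC and rooted names ignore the sync root entirely.
    if drive or rest.startswith(("\\", "/")):
        raise ValueError(f"absolute name: {peer_name!r}")
    # Collapse "." and ".." and unify separators before comparing.
    dest = ntpath.normpath(ntpath.join(root, peer_name))
    root_cmp = ntpath.normcase(ntpath.normpath(root)).rstrip("\\")
    # Compare against root plus a separator so a sibling folder such as
    # "RandomSecretsEvil" does not pass a plain prefix test.
    if not ntpath.normcase(dest).startswith(root_cmp + "\\"):
        raise ValueError(f"escapes sync root: {peer_name!r}")
    return dest


def rejected_names(root: str, names: list[str]) -> list[str]:
    """Return the names from `names` that must not be written."""
    out = []
    for name in names:
        try:
            resolve_inside(root, name)
        except ValueError:
            out.append(name)
    return out


# Constructed sample names, as a receiving client might see them.
SAMPLE_NAMES = [
    "notes.txt",
    r"sub\..\notes.txt",
    r"..\Have you got a virus",
    "sub/../../x",
    r"..\RandomSecretsEvil\x",
    r"C:\Windows\x",
]

if __name__ == "__main__":
    for n in rejected_names(SYNC_ROOT, SAMPLE_NAMES):
        print("rejected:", n)
```

The check is lexical only: it does not follow junctions or symlinks inside the synced folder, which need a resolved-path comparison at write time.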

It seems there is a way to write outside the synchronized folder. I suspect it's probably something along the lines of "..\Have you got a virus". If that's true, then they could easily install malicious software in a higher directory.

How can I help in investigating this?

Okay make sure it's the same as this, then you better work out if you need to raise a bug on the auto-update functionality. Did it fail or did you turn it off?


It may have been that issue.

I updated to 1.0.134 as soon as it came out.

Whether the file has been there for a while or only just appeared, I'm not sure; I only noticed it yesterday.

If it's recreated, I'll post again.

Thanks for your help.


Whether the file has been there for a while or only just appeared, I'm not sure; I only noticed it yesterday.

Well, from your screenshot, the highlighted folder appears to have been last modified on 23rd May at 03:20. BitTorrent Sync 1.0.134 was available from 15th May (via manual download/update), but was only really rolled out via auto update last week.... so it would be interesting to know when you updated to 1.0.134, and whether that was before/after May 23?
