search

infobyte / evilgrade

Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates.
https://www.faradaysec.com/
1.28k stars 279 forks source link

Explore SublimeText support #2

Closed bored-engineer closed 3 years ago

bored-engineer commented 10 years ago

SublimeText may be exploitable. Updates are checked over HTTP: http://www.sublimetext.com/updates/3/stable/updatecheck?version=3059&platform=osx&arch=x64&r=1&m=Vek2

fedek commented 10 years ago

Try bulding a module for it!

bored-engineer commented 10 years ago

I'll take a look in a day or two and see what I can do.

f-amato commented 10 years ago

Hi Luke, do you have any news? Do you need help? Best

bored-engineer commented 10 years ago

I haven't had a chance to take a look yet, but I will eventually. Feel free to give it a try if you want, I'd be happy to take a look at and finish any code you started.

mattaereal commented 8 years ago

This is being currenty reviewed.

Sublime uses a signed manifest and a pak file with a compression I haven't been able to extract yet. But this scenario me be similar to another one I have in mind.

buffermet commented 6 years ago

I have already tried to build a module for Sublime Text, it only requests the update URLs over HTTP, the program then decides whether it can update securely, so no arbitrary payload can be served.