CTF: an obscure protocol dating from Windows XP puts every version of Windows at risk

CTF is a little-known Microsoft protocol that dates back to Windows XP and is still used today by every version of Windows.

Tavis Ormandy, a security researcher on Google's Project Zero team, found that the protocol is buggy and that hackers, or malware, can use it to take full control of the victim's computer.


What is CTF?

Nobody seems to know what CTF stands for. Even Ormandy, a well-known security researcher, could not work out from Microsoft's documentation what the name means.

What Ormandy did establish is that CTF is part of the Windows Text Services Framework (TSF), the system component that manages any text appearing in Windows and in Windows applications.

When a user starts an application, Windows also launches a CTF client for that application. The CTF client receives commands from a CTF server concerning the operating system's language and keyboard input methods.

If something changes (for example, the language is switched from Greek to English), the CTF server notifies all CTF clients, which then change the language in each Windows application in real time.

What Ormandy discovered is that communications between CTF servers and CTF clients are not properly encrypted.

Any application, run by any user, even from a sandboxed process, can connect to any CTF session.

In this way an attacker could attach to another user's active session and take over any of its applications, or wait for an administrator to log in and gain higher privileges.

Attackers can use this gap to steal data from other applications or issue commands in the name of those applications.

If applications run at high privileges, then these actions could allow the attacker to gain full control of the victim's computer.

According to Ormandy, any Windows application or process can be compromised this way. Because CTF is involved in every application and service, there is a CTF client for everything running on a Windows operating system.

To prove the vulnerability, Ormandy created a demo that you can see below:

The researcher explains the CTF security gap in detail in a blog post, and has also released a tool on GitHub to help other researchers test the protocol.


Written by giorgos
