Researchers Show How SQLite Can Be Modified to Attack Apps

Researchers Show How SQLite Can Be Modified to Attack Apps
New technique involves query hijacking to trigger a wide range of memory safety issues within the widely used database engine, Check Point says.

The near-ubiquitous presence of the SQLite database on desktop and mobile operating systems makes it an attractive target for attackers. However, efforts at finding and exploiting vulnerabilities in the database engine have focused mostly on WebSQL and the browser layer alone.


Researchers at Check Point Software Technologies have developed a new technique that shows how attackers can reliably trigger and exploit a wide range of memory safety issues in the SQLite engine using nothing other than the SQL language. It is the first research to show how SQL queries can be modified and used to execute malicious commands in applications that use SQLite to store data.


At the 2019 DEF CON hacker conference last week, researchers from Check Point demonstrated how someone could use the technique to bypass Apple's Secure Boot mechanism and gain administrative-level access and persistence on Apple's latest iPhones. They also demoed how to execute code remotely and take control of a server running PHP7 by infecting their own device with a password-stealing malware.


The research shows that querying a database may not be as safe as assumed, Check Point researcher Omer Gull said. "Defenders should now take into consideration the fact that simply querying a database might have disastrous consequences and act accordingly," Gull said. "Attackers can now leverage the use of SQLite database for their own malicious intent."


SQLite is by far the world's most widely deployed database engine, with many billions of copies in use currently. SQLite is embedded in every Android, iOS, and iPhone device; every Mac; every Windows 10 system; ..

Support the originator by clicking the read the rest link below.