>Russian bug hunter finds a way to utilize FFmpeg to execute scripts through video files.
Website is in Russian
>Arch users recompiled omitting the ability to access networks
Recompilation is simple
># make install
Now go, you have all the tools necessary to protect yourself from your webms
If anyone can successfully make a using this vulnerability, please use it on /b/ and tell us about it.
>specially crafted «video» file uploaded to your server by an attacker could read your website config/private keys/etc and send that to the attacker once you try to generate a thumbnail for it or just probe it with ffmpeg.
Why would I install ffmpeg on my server in the first place?
That's what I don't get, this exploit only works IF you save the file containing the malicious code.
If so, it shouldn't be much of a concern to regular users.
On arch, libavformat 56. 40.101 / 56. 40.101
I'm pretty much vulnerable.
But to how much? On Linux it can only do so much until you'll require root permissions.
I thought the exploit was executed on a server?
>craft file with exploit
>upload to YouTube
>YouTube runs your upload through ffmpeg, tweaking resolution or whatever it does
>grab private keys or whatever
>upload to (for lack of immediately better term, hacker)
>YouTube private keys obtained
Yeah, the exploit is just that a script is being executed in a video file from the EXIF data.
In theory, simply removing the EXIF data through tools like MAT can render the exploit useless.
And even then it affects servers running ffmpeg rather than the common user.
And since the exploit is executed when ffmpeg tries to read the file, simply removing ffmpeg-related packages is a sure way to prevent it.
What I don't understand is how MPV comes into play, doesn't it use libmpv?
Excuse me, but what you are referring to as LAMP is actually GNU/LAMP, or as I've recently taken to calling it, GNU + LAMP and GLAMP.
But you're right, they may not be at all.