INFINIX XCLUB-INFINIX MOBILITY COMMUNITY OFFICIAL FORUM

 Forgot password?
 Register
搜索
热搜: XStore
12Next
返回列表 发新帖
查看: 60|回复: 12

Alert! ES File Explorer leaves your Android phone open to anyone on same network

[复制链接]

1278

Threads

4617

Posts

5936

Xpoints

Sapphire Star LV13

sign star1sign star2sign star3post star1post star2post star3sign star4post star4

发表于 2019-01-29 22:29:58 来自手机 | 显示全部楼层 |阅读模式
[br]You now have one more reason why you should stop using the ES File Explorer on your smartphone.[br][img src="/storage/emulated/0/UCNewsApp/download/save_image/b2e2a339a61e57653e86864b6ab83fc9.jpg"][br][br]HIGHLIGHTS[br][br]Elliot Alderson has spotted a bug in the app that makes your phone data vulnerable to theft.[br]Every time the user opens the ES File Explorer, an HTTP server is also launched inconspicuously.[br]Hacker can remotely control your phone and erase all the data from the device.[br]You now have one more reason to stop using the ES File Explorer on your smartphone. Popular security researcher Elliot Alderson has spotted a bug in the app that makes your phone data vulnerable to theft. All that the hacker has to do is to be available on the same WiFi network.[br][br]Alderson explains that every time the user opens the ES File Explorer, an HTTP server is also launched inconspicuously. This hidden web server runs in the background and opens locally the port 59777. An attacker can use this port to push a JSON payload in your phone.[br][br]The hacker can access all your data in the phone including files stored in the SDcard, list of all photos, videos and audio files, system apps, phone apps, apk files in the SDcard, device info and more. He or she can even pull a file from your device or launch an app of his or her choice remotely in your phone. Hacker can remotely control your phone and erase all the data from the device. All that is required is for the hacker is to be on the same network as the target like a shared public WiFi connection. Alderson has reached out to creators of the app over the issue but the response is yet awaited.[br][br]ES File Explorer has more than 100 million downloads which means that there a lot of devices at the risk of being hacked. The vulnerability has been found in the ES File Explorer version 4.1.9.5.2 and below. It is unknown whether this bug impacts devices running the latest version. Alderson suggests the company should add an authentication feature to the app and uninstalling the app is the only solution for now to protect your phone from the bug.[br][br]Once said to be the best Android app to manage your phone storage, ES File Explorer started getting unpopular few years back when it started showing up spammy ads and notifications after user downloaded the app. These ads would not only show up within the app but even on the phone's lock screen. Worse when the app developers announced to launch a paid version of the app.

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?Register

x
Born to express not to impress{:16_8:}{:16_8:}{:16_8:}{:16_8:}
回复

使用道具 举报

1620

Threads

110K

Posts

110K

Xpoints

Golden Star LV29

sign star1sign star2sign star3post star1post star2post star3post star4sign star4

发表于 2019-01-29 22:50:36 来自手机 | 显示全部楼层
nice share
回复

使用道具 举报

7381

Threads

1010K

Posts

1110K

Xpoints

Sapphire Diamond LV50

Infinix S fans20M4.0xclub2019Xclub Kolsign star1sign star2sign star3post star1post star2post star3post star4post star5sign star4sign star5

发表于 2019-01-31 08:48:42 来自手机 | 显示全部楼层
Nice share brother
回复

使用道具 举报

1

Threads

1869

Posts

1870

Xpoints

Jade Star LV5

sign star1sign star2

发表于 2019-02-06 19:24:14 来自手机 | 显示全部楼层
nice..
回复

使用道具 举报

103

Threads

4512

Posts

4626

Xpoints

Sapphire Star LV11

2019sign star1sign star2sign star3post star1post star2

发表于 2019-02-07 00:48:01 来自手机 | 显示全部楼层
Nice share
回复

使用道具 举报

5653

Threads

210K

Posts

310K

Xpoints

Content Partner

Rank: 8Rank: 8

2019post star1post star2sign star1sign star2sign star3post star3post star4post star5sign star4

发表于 2019-02-07 15:04:59 来自手机 | 显示全部楼层
good information
回复

使用道具 举报

1278

Threads

4617

Posts

5936

Xpoints

Sapphire Star LV13

sign star1sign star2sign star3post star1post star2post star3sign star4post star4

 楼主| 发表于 2019-02-07 16:15:37 来自手机 | 显示全部楼层
thanks bro
回复

使用道具 举报

1278

Threads

4617

Posts

5936

Xpoints

Sapphire Star LV13

sign star1sign star2sign star3post star1post star2post star3sign star4post star4

 楼主| 发表于 2019-02-07 16:15:56 来自手机 | 显示全部楼层
thanks bro
回复

使用道具 举报

1278

Threads

4617

Posts

5936

Xpoints

Sapphire Star LV13

sign star1sign star2sign star3post star1post star2post star3sign star4post star4

 楼主| 发表于 2019-02-07 16:16:29 来自手机 | 显示全部楼层
回复

使用道具 举报

1278

Threads

4617

Posts

5936

Xpoints

Sapphire Star LV13

sign star1sign star2sign star3post star1post star2post star3sign star4post star4

 楼主| 发表于 2019-02-07 16:16:47 来自手机 | 显示全部楼层
thanks bro
回复

使用道具 举报

12Next
返回列表 发新帖
您需要登录后才可以回帖 登录 | Register

本版积分规则

Infinix Official Website|Infinix official mall|infinix Note 4|INFINIX XCLUB-INFINIX MOBILITY COMMUNITY OFFICIAL FORUM

2019-11-14 11:04 GMT+8 , Processed in 0.274628 second(s), 21 queries .

Powered by Discuz! X3.4

© 2001-2017 Comsenz Inc.

Quick Reply To Top Return to the list