> and is therefor not part of the add-on.
Youtube downloader for mozilla update#
> actual file list to update comes as response from the server > "whitelist", so that - seemingly - no other files can be overwritten. > and places them onto the hard drive of the user. The function updateConfigFile() downloads files from a web server > Looking at the code of the add-on "YouTube Unblocker", I found the The download was another add-on which Avast categorized as > blocked download from a third-party website associated with neither Mozilla > Immediately after installing my antivirus software (Avast) warned me of a > I installed the add-on "YouTube Unblocker" version 0.6.20 from AMO.
Youtube downloader for mozilla install#
The add-on should never overwrite the user.js and try to install malware. The add-on created a new user.js (trying to deactivate code signing for add-ons), downloaded a malicious add-on from a third-party website and tried to install it. But if you google for the URL in the response.json and Avast you find more people getting this malware via Youtube Unblocker. I couldn't find out, what the pattern is, for the server delivering malware or a clean configuration. Both are a clear violation of the add-on guidelines.īeware: Sometimes the server answers with a different configuration. In the case of the attached response.json it is a user.js and a malicious add-on. And so the add-on can place files where it should never be able to. This works because the regular expression in utils.js doesn't check for the end of the string. The configuration I got from the server is in the attachement response.json (captured with Wireshark).Īs you can see in the attachement, the server owner (the add-on programmer?) uses relative pathnames to overcome the "whitelist".
The actual file list to update comes as response from the server and is therefor not part of the add-on. It checks for a "whitelist", so that - seemingly - no other files can be overwritten. The function updateConfigFile() downloads files from a web server and places them onto the hard drive of the user. Looking at the code of the add-on "YouTube Unblocker", I found the responsible code in the file following line 138. The download was another add-on which Avast categorized as malware. Immediately after installing my antivirus software (Avast) warned me of a blocked download from a third-party website associated with neither Mozilla nor the add-on. I installed the add-on "YouTube Unblocker" version 0.6.20 from AMO.
0 kommentar(er)
