QuickShell Sharing is caring abt RCE attack chain on QuickShare
Or Yair, Shmuel Cohen
DEF CON 32 Main Stage · Day 1 · Main Stage
This talk, "QuickShell: Sharing is caring about an RCE attack chain on Quick Share," presented by Or Yair and Shmuel Cohen from SafeReach, delves into the discovery and exploitation of multiple critical vulnerabilities within Google's QuickShare for Windows application. QuickShare, Google's file transfer solution akin to Apple's AirDrop, was originally known as Nearby Share on Android. It gained significant attention after Google and Samsung unified their file-sharing platforms under the QuickShare brand and, crucially, released a dedicated Windows application. This Windows version, which Google plans to pre-install on new PCs from manufacturers like LG, became the primary target for the researchers due to its expanding user base and novel implementation on the Windows platform.
AI review
This research on QuickShare for Windows by SafeReach is a masterclass in full-chain exploitation. The team meticulously reverse-engineered Google's new file-sharing application, uncovering eight distinct vulnerabilities. Their ability to chain these into a sophisticated Remote Code Execution (RCE) attack, leveraging forced Wi-Fi connections for Man-in-the-Middle and an uncontrolled file write primitive, culminates in persistent code execution. This isn't just a bug report; it's a blueprint for compromising a widely deployed Google application, demonstrating real skill and deep technical…