
Tiny file download uses hard coded HTTP protocol

High
gaius-qi published GHSA-mcvp-rpgg-9273 Sep 17, 2025

Package

gomod github.com/dragonflyoss/dragonfly (Go)

Affected versions

<2.1.0

Patched versions

2.1.0

Description

Impact

The code in the scheduler for downloading a tiny file is hard coded to use the HTTP protocol, rather than HTTPS. This means that an attacker could perform a Man-in-the-Middle attack, changing the network request so that a different piece of data gets downloaded. Due to the use of weak integrity checks (TOB-DF2-15), this modification of the data may go unnoticed.

```go
// DownloadTinyFile downloads tiny file from peer without range.
func (p *Peer) DownloadTinyFile() ([]byte, error) {
	ctx, cancel := context.WithTimeout(context.Background(), downloadTinyFileContextTimeout)
	defer cancel()

	// Download url: http://${host}:${port}/download/${taskIndex}/${taskID}?peerId=${peerID}
	targetURL := url.URL{
		Scheme:   "http",
		Host:     fmt.Sprintf("%s:%d", p.Host.IP, p.Host.DownloadPort),
		Path:     fmt.Sprintf("download/%s/%s", p.Task.ID[:3], p.Task.ID),
		RawQuery: fmt.Sprintf("peerId=%s", p.ID),
	}
```

A network-level attacker who cannot join the peer-to-peer network can still perform a Man-in-the-Middle attack on peers, because peers (partially) communicate over the plaintext HTTP protocol. The attack chains this vulnerability with the one described in TOB-DF2-15 to replace correct files with malicious ones. Unaware peers then use the malicious files.
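The following is an added illustration, not Dragonfly's code and not the fix shipped in v2.1.0: it builds the same tiny-file download URL as the snippet above but takes the scheme as a parameter and refuses anything other than HTTPS, and it checks the downloaded body against a SHA-256 digest the scheduler already holds for the task, so a body swapped in transit is rejected rather than silently used. `peerAddr`, `tinyFileURL` and `verifyDigest` are hypothetical names; the sample values are constructed.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"net/url"
)

// peerAddr is a hypothetical stand-in for the advisory's p.Host fields.
type peerAddr struct {
	IP           string
	DownloadPort int
}

// tinyFileURL builds https://${host}:${port}/download/${taskIndex}/${taskID}?peerId=${peerID}.
// Unlike the vulnerable code, the scheme is not hard coded, and a plaintext
// scheme is rejected outright so it cannot slip in through configuration.
func tinyFileURL(scheme string, host peerAddr, taskID, peerID string) (string, error) {
	if scheme != "https" {
		return "", fmt.Errorf("refusing plaintext scheme %q for tiny file download", scheme)
	}
	if len(taskID) < 3 {
		return "", fmt.Errorf("task ID %q too short to derive a task index", taskID)
	}
	u := url.URL{
		Scheme:   scheme,
		Host:     fmt.Sprintf("%s:%d", host.IP, host.DownloadPort),
		Path:     fmt.Sprintf("/download/%s/%s", taskID[:3], taskID),
		RawQuery: "peerId=" + url.QueryEscape(peerID),
	}
	return u.String(), nil
}

// verifyDigest compares the downloaded bytes against the expected SHA-256 hex
// digest; transport security alone does not prove the body is the right one.
func verifyDigest(body []byte, wantHex string) error {
	sum := sha256.Sum256(body)
	if hex.EncodeToString(sum[:]) != wantHex {
		return fmt.Errorf("tiny file digest mismatch")
	}
	return nil
}

func main() {
	// Constructed sample peer and task; not real Dragonfly identifiers.
	u, err := tinyFileURL("https", peerAddr{IP: "10.0.0.5", DownloadPort: 4000}, "abcdef0123", "peer-1")
	fmt.Println(u, err)
	_, err = tinyFileURL("http", peerAddr{IP: "10.0.0.5", DownloadPort: 4000}, "abcdef0123", "peer-1")
	fmt.Println("plaintext rejected:", err != nil)
}
```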

Patches

  • Dragonfly v2.1.0 and above.

Workarounds

There are no effective workarounds, beyond upgrading.

References

A third-party security audit was performed by Trail of Bits; the full report is available.

If you have any questions or comments about this advisory, please email us at [email protected].

Severity

High

CVE ID

CVE-2025-59410

Weaknesses

No CWEs

Credits