      Mynk0x00 posted an update

      6 weeks ago (edited)

      #A Hacker 👾 Story About How He Hacked Anki, The World’s Most Popular Flashcard App

      It took us 10 days to go from “We think this might be vulnerable” to full-blown remote code execution, including the 7 days we were both on holiday.

      As a student, I’ve searched far and wide for the best study method.

      Pomodoro, interleaving, and active recall. The Feynman Technique. But one worked for me, as it did with many others: spaced repetition with flashcards.

      Anki is the world’s most popular flashcard program.

      It’s over 17 years old (the same age as me!), with 10s of millions of downloads, and beloved by all students, from medicine to aerospace engineering and even the arts. With the release of FSRS (a fantastic new spaced-repetition algorithm), it is also objectively the best flashcard program on the market.

      One Friday night, we had a quick look and came to some conclusions:

      1. It’s widely accepted that importing flashcards is considered safe.
      2. Using flashcards is safe.
      3. Addons are not safe, as they are arbitrary Python code.
      4. Anki is 17 years old and the most used flashcard program in the world. If there were a vulnerability, surely someone would have found it by now.

      That following weekend, we examined the codebase and quickly found our first vulnerability – an arbitrary file read for text-based files.

      But having seen the codebase, we realised there is more than meets the eye.

      This post provides a thorough outline of the timeline and technical aspects of the exploit.
