Announcement

Collapse
No announcement yet.

New Jpeg virus & SP2

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • New Jpeg virus & SP2

    So, i've been reading a lot of articles about this whole thing. Also I found an example of a perl script that exploits it. I tried one of my own in PHP and it was caught by ZL but I was wondering how to do the shell stuff? like inserting malicious code.. couldn't quite figure that out. Anyone know much about this?

  • #2
    Originally posted by ProtonageNet
    So, i've been reading a lot of articles about this whole thing. Also I found an example of a perl script that exploits it. I tried one of my own in PHP and it was caught by ZL but I was wondering how to do the shell stuff? like inserting malicious code.. couldn't quite figure that out. Anyone know much about this?
    Read the rules.
    Go catch a falling star.

    Comment


    • #3
      Originally posted by Import
      Actually, I don't see anything wrong with the post. He's not asking how to hack, he's talking about a specific vulnerability and how it works under certain circumstances.
      .: Grifter :.

      Comment


      • #4
        i just think it's quite a spiff hack using jpegs, i knew about one back in 2k2 but seemed to be just a hoax, but this is for real... and it is vurnarble to the oh so mighty SP2, which makes me lmfao.

        i think i sorta somewhat understands hwo it works.. it's basicly some bytes that tell the GDI to go all wack or something?

        Comment


        • #5
          thats stenography
          Last edited by Webster; September 29, 2004, 06:46.
          blowfish:.2x10x448
          www.gnivirdrawn.com

          Comment


          • #6
            Originally posted by Webster
            thats stenography
            Nope.

            Stenography:

            1. The art or process of writing in shorthand.
            2. The art or practice of transcribing speech with a stenograph machine.
            3. Material transcribed in shorthand.


            Steganography:

            The art of writing in cipher, or in characters which are not intelligible except to persons who have the key; cryptography.

            Comment


            • #7
              OK, in an attempt to get this thread somewhat back on topic: for more information on the JPEG GDI vulnerability (which, I assume, is the one that was originally being referred to), I would recommend checking the last week or so's Bugtraq archive. There's been a fair amount of discussion on this topic, including POC code. Searching Google for 'GDI exploit' is also rather revealing.

              Comment


              • #8
                Originally posted by skroo
                Nope.

                Stenography:

                1. The art or process of writing in shorthand.
                2. The art or practice of transcribing speech with a stenograph machine.
                3. Material transcribed in shorthand.


                Steganography:

                The art of writing in cipher, or in characters which are not intelligible except to persons who have the key; cryptography.
                :( i was close.
                blowfish:.2x10x448
                www.gnivirdrawn.com

                Comment


                • #9
                  Originally posted by Webster
                  :( i was close.
                  Quoted posts are like pubic hair: only good to look at when properly-trimmed.

                  Comment


                  • #10
                    Originally posted by Webster
                    :( i was close.
                    Nope, not in the least. It has nothing to do with crypography, it is an exploit that causes the GDI to shat upon itself. PoC code here (don't be a douce with it) and more info here.
                    Happiness is a belt-fed weapon.

                    Comment


                    • #11
                      So where is it?

                      What I'm curious about is that we haven't seen a full blown worm based on this weakness yet.... what gives? Has the media over blow it again, or is this more of a bear to exploit than first though?

                      Or is everybody working on version 55 of Netsky?

                      Comment


                      • #12
                        I remember the "good old days" when someone would open a GIF file, thinking it was naked Brittany Speares, and it would be a hidden .exe extension which would auto-install a trojan.

                        What ever happened to people being inventive?
                        -Ridirich

                        "When you're called upon to do anything, and you're not ready to do it, then you've failed."

                        Commander W.H. Hamilton

                        Comment


                        • #13
                          Originally posted by Ridirich
                          I remember the "good old days" when someone would open a GIF file, thinking it was naked Brittany Speares, and it would be a hidden .exe extension which would auto-install a trojan.

                          What ever happened to people being inventive?
                          Go look in p2p programs. It's still there.
                          - Programmer -

                          Comment


                          • #14
                            I just just hoping for more imagination with the evil things people do to compromise our systems. Like, maybe I dunno, a graphic that says "Your files are now mine" or something....
                            -Ridirich

                            "When you're called upon to do anything, and you're not ready to do it, then you've failed."

                            Commander W.H. Hamilton

                            Comment

                            Working...
                            X