| Malware in image files? maybe im paranoid....is there any way someone can exploit an image file? |
|
1 edit | Depending on what you would consider "exploit" to be....... research this subject ....you may find it very interesting.
....its fairly easy to obtain a Program that will hide messages in images.....therefore, if messages can be hidden in images.....what else can ?
Also, "TEXT" files can be exploited..........
When dealing with a computer approach it with an open mind.....an lots of caution.
Perhaps someone else will offer a more in dept explanation.....there is much to be said on the subject.
Have a Merry Christmas |
|
|
|
 jaykaykay4 Ever YoungPremium,MVM
join:2000-04-13
Scottsdale, AZ
kudos:22 | reply to SweetNoob
You are not paranoid!
»www.google.com/search?q=how+to+e···7ADSA_en |
|
 BlackbirdBuilt for SpeedPremium
join:2005-01-14
Fort Wayne, IN
kudos:3
 ·Frontier Communi..
| reply to SweetNoob
Assuming that you mean a graphics image file (and not a backup-imager file), exploits do exist. As to whether it's an exploitation of the image file per se or a way to exploit a related OS or a browser vulnerability is a somewhat different matter. Currently, there's a gif file exploit that targets browser vulnerabilities (Opera being one target); a while back, there was an exploit that took advantage of Windows automatically interpreting certain contained file code to be other that what the file-name extension implied to a user (an image file). You can embed an exploit in a simple text file and use it as a script to be run by another exploit on a system. And the list goes on. It's just that it's easier to exploit a system using a straight executable file, so exploits of other file types are found less often.
--
“The American Republic will endure until the day Congress discovers that it can bribe the public with the public's money.” A. de Tocqueville |
|
 DustynPremium
join:2003-02-26
Ontario, CAN
kudos:10 | said by Blackbird:Assuming that you mean a graphics image file (and not a backup-imager file), exploits do exist. That's what I was thinking when I first read that post.
Interesting to see some by default think "Graphic Image" vs "System Backup Image". I immediately for whatever reason was thinking the latter. Clarity from the OP is still required.
--
Remember that cool hidden "Graffiti Wall" here on BBR? After the name change I became the "owner", so to speak as it became: Dustyn's Wall »[Serious] RIP
|
|
| reply to SweetNoob
to be more specific jpegs...pngs |
|
BlackbirdBuilt for SpeedPremium
join:2005-01-14
Fort Wayne, IN
kudos:3 Reviews:
·Frontier Communi..
| said by SweetNoob :to be more specific jpegs...pngs
Exploits within jpeg and png files first appeared in the 2004 era and may still be lurking around, though vulnerability of most systems depends on whether later patches were installed for the then-affected programs (MS04-028 Buffer Overrun in JPEG and MS05-009 Vulnerability in PNG). In recent years, I've not seen any major outbreaks, other than in a few specific apps programs... but, as always, one never knows what will pop up tomorrow - or even later today. 
--
“The American Republic will endure until the day Congress discovers that it can bribe the public with the public's money.” A. de Tocqueville |
|
| reply to SweetNoob
I haven't heard of or seen it being used in quite some time, but I do remember this one from 2006 that used steganography to embed malicious code into JPEG files:
»blogs.mcafee.com/mcafee-labs/tro···he-loose |
|
