Register | Login | |||||
Main
| Memberlist
| Active users
| Calendar
| Chat
| Online users Ranks | FAQ | ACS | Stats | Color Chart | Search | Photo album |
| |
0 users currently in Programming. |
Acmlm's Board - I3 Archive - Programming - How Does One Put a Program In an Image File... | New poll | | |
Add to favorites | Next newer thread | Next older thread |
User | Post | ||
beneficii Broom Hatter Since: 11-18-05 Last post: 6305 days Last view: 6302 days |
| ||
...and have it execute when the image is viewed?
I find that just weird. I read this article: http://news.ft.com/cms/s/0d644d5e-7bb3-11da-ab8e-0000779e2340.html Here is the quote in question:
I mean an image viewer doesn't execute programs, does it? I've written programs that process images and only reads the bytes in the file--it doesn't execute anything! Are there image viewers that execute code (perhaps macros of some sort?) from inside the image? There obviously has to be something more to this than the article is letting on! Can any of our more veteran hackers/programmers read this riddle for us? (edited by beneficii on 01-03-06 03:32 AM) (edited by beneficii on 01-03-06 03:32 AM) (edited by beneficii on 01-03-06 03:34 AM) |
|||
||bass Administrator Since: 11-17-05 From: Salem, Connecticut Last post: 6303 days Last view: 6302 days |
| ||
Without knowing more details about the bug, I'm going to venture a guess that the image overflows some buffer in the image processing software such that after the image has been processed, the image data has overflowed from the data area into the execution area, the execution pointer is then executing the piggybacked machine code from memory rather then the program code that is supposed to be there. | |||
beneficii Broom Hatter Since: 11-18-05 Last post: 6305 days Last view: 6302 days |
| ||
Aaah. That is interesting. My guess then that the image format in question is the BMP. Naturally, we would need more info. The article said that the source code for the bug exploit was pubicly released. A trip to Wikipedia might be in order....
EDIT: Well, first update, it's the Metafile format. EDIT 2: Just go here! http://en.wikipedia.org/wiki/Windows_Metafile_vulnerability (edited by beneficii on 01-03-06 03:42 AM) (edited by beneficii on 01-03-06 03:43 AM) (edited by beneficii on 01-03-06 03:43 AM) |
|||
||bass Administrator Since: 11-17-05 From: Salem, Connecticut Last post: 6303 days Last view: 6302 days |
| ||
I just realized we already have a thread for this.
http://board.acmlm.org/thread.php?id=1608 |
Add to favorites | Next newer thread | Next older thread |
Acmlm's Board - I3 Archive - Programming - How Does One Put a Program In an Image File... | | |