(Link to AcmlmWiki) Offline: thank ||bass
Register | Login
Views: 13,040,846
 Main | Memberlist | Active users | Calendar | Chat | Online users
Ranks | FAQ | ACS | Stats | Color Chart | Search | Photo album 		05-22-24 06:50 AM
0 users currently in Programming.
Acmlm's Board - I3 Archive - Programming - How Does One Put a Program In an Image File... New poll | |
Add to favorites | Next newer thread | Next older thread
User Post
beneficii

Broom Hatter


 





Since: 11-18-05

Last post: 6305 days
Last view: 6302 days
Posted on 01-03-06 04:30 AM Link | Quote
...and have it execute when the image is viewed?

I find that just weird. I read this article:

http://news.ft.com/cms/s/0d644d5e-7bb3-11da-ab8e-0000779e2340.html

Here is the quote in question:

The flaw, which allows hackers to infect computers using programs maliciously inserted into seemingly innocuous image files, was first discovered last week.


I mean an image viewer doesn't execute programs, does it? I've written programs that process images and only reads the bytes in the file--it doesn't execute anything! Are there image viewers that execute code (perhaps macros of some sort?) from inside the image?

There obviously has to be something more to this than the article is letting on! Can any of our more veteran hackers/programmers read this riddle for us?

(edited by beneficii on 01-03-06 03:32 AM)
(edited by beneficii on 01-03-06 03:32 AM)
(edited by beneficii on 01-03-06 03:34 AM)
||bass
Administrator








Since: 11-17-05
From: Salem, Connecticut

Last post: 6303 days
Last view: 6302 days
Posted on 01-03-06 04:39 AM Link | Quote
Without knowing more details about the bug, I'm going to venture a guess that the image overflows some buffer in the image processing software such that after the image has been processed, the image data has overflowed from the data area into the execution area, the execution pointer is then executing the piggybacked machine code from memory rather then the program code that is supposed to be there.
beneficii

Broom Hatter


 





Since: 11-18-05

Last post: 6305 days
Last view: 6302 days
Posted on 01-03-06 04:42 AM Link | Quote
Aaah. That is interesting. My guess then that the image format in question is the BMP. Naturally, we would need more info. The article said that the source code for the bug exploit was pubicly released. A trip to Wikipedia might be in order....

EDIT: Well, first update, it's the Metafile format.

EDIT 2: Just go here!

http://en.wikipedia.org/wiki/Windows_Metafile_vulnerability



(edited by beneficii on 01-03-06 03:42 AM)
(edited by beneficii on 01-03-06 03:43 AM)
(edited by beneficii on 01-03-06 03:43 AM)
||bass
Administrator








Since: 11-17-05
From: Salem, Connecticut

Last post: 6303 days
Last view: 6302 days
Posted on 01-03-06 04:46 AM Link | Quote
I just realized we already have a thread for this.

http://board.acmlm.org/thread.php?id=1608
Add to favorites | Next newer thread | Next older thread
Acmlm's Board - I3 Archive - Programming - How Does One Put a Program In an Image File... |


ABII

Acmlmboard 1.92.999, 9/17/2006
©2000-2006 Acmlm, Emuz, Blades, Xkeeper

Page rendered in 0.025 seconds; used 360.57 kB (max 432.51 kB)