Government Security
Network Security Resources

Shell Code In Image Files

6 replies to this topic

#1 Johnacandy

Johnacandy

    Private

  • Members
  • 10 posts

Posted 02 April 2010 - 05:03 AM

Hi guys, I have recently started reading about shell code... and I heard there are ways of executing code blocks when injected into image files. Example: when a user clicks an image, a specific code also runs in the background? Is this possible? If so, could anyone please put up C source code showing how this is accomplished? Thanks

#2 Juza

Juza

    Specialist

  • Sergeant Major
  • 149 posts

Posted 02 April 2010 - 05:55 AM


> started reading about shell code

I suggest you read more.

> executing code blocks when injected into image files

Yes, it's possible.

> user clicks an image a specific code also runs in the background ??

When a user clicks on an image, his OS will handle the click with the respective program, in this case Paint, Photoshop, etc. So, if there is a vulnerability in how the program that handles the image request processes image files, you can run something else.

> is this possible ??

Yes, provided you find the vulnerability to exploit. You can accomplish this goal by fuzzing the file format; I recommend you read the paper "The Art of File Format Fuzzing".

> if so could anyone please put up a c source code showing how this is accomplished

There are a lot of exploits made using this kind of technique (file format fuzzing), example.
Go to iamjuza.blogspot.com
Follow me twitter.com/iamjuza

The true beginning of our end.


#3 Johnacandy

Johnacandy

    Private

  • Members
  • 10 posts

Posted 02 April 2010 - 10:52 AM

Thanks for the great link, it clarified my concepts a lot. I guess I should be concentrating on vulnerabilities of applications which are associated with the extensions that I wish to use.

#4 Edu

Edu

    First Sergeant

  • Members
  • 2,269 posts

Posted 02 April 2010 - 12:48 PM

If you target Windows, read about the Windows Meta File format; it is promising and theoretically easier to find a code execution bug in one of the functions used to "draw" the picture. Plus you can give it any valid image extension you wish and it will work just fine in most Windows programs ;)
http://www.secumania.net - Secumania security blog.


Embed any executable in a JPEG image and get it to run upon opening the image with this cool tool that abuses a feature of GDI in Windows systems. for governmentsecurity.org members only! click here to get it!
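Post #4 points out that a Windows Metafile keeps working under any image extension, which is why a defender should classify image files by content rather than by name. The check below is an added example, not code from this thread; the function names `sniff_format` and `classify` and the verdict strings are hypothetical, and the sample bytes are constructed.

```python
import os
import struct

# Magic numbers for the raster formats an image upload would normally contain.
RASTER_MAGIC = {
    "jpeg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
    "bmp": (b"BM",),
}
# Extensions conventionally used for each detected format.
EXTENSIONS = {
    "jpeg": {".jpg", ".jpeg"}, "png": {".png"}, "gif": {".gif"},
    "bmp": {".bmp"}, "wmf": {".wmf"}, "emf": {".emf"},
}

def sniff_format(data: bytes):
    """Return the format name implied by the file's leading bytes, or None."""
    for name, magics in RASTER_MAGIC.items():
        if data.startswith(magics):
            return name
    if data.startswith(b"\xd7\xcd\xc6\x9a"):  # placeable WMF key 0x9AC6CDD7
        return "wmf"
    if len(data) >= 6:
        # Standard WMF header: type (1 or 2), header size (9 words), version.
        ftype, hdr_words, version = struct.unpack_from("<HHH", data)
        if ftype in (1, 2) and hdr_words == 9 and version in (0x0100, 0x0300):
            return "wmf"
    # EMF: first record is EMR_HEADER (type 1) with " EMF" at offset 40.
    if len(data) >= 44 and data[:4] == b"\x01\x00\x00\x00" and data[40:44] == b" EMF":
        return "emf"
    return None

def classify(filename: str, data: bytes) -> str:
    """Compare the extension with the sniffed content and return a verdict."""
    ext = os.path.splitext(filename)[1].lower()
    detected = sniff_format(data)
    if detected is None:
        return "unknown-content"
    if ext in EXTENSIONS[detected]:
        return "ok"
    if detected in ("wmf", "emf"):
        return "metafile-disguised"  # the case described in post #4
    return "extension-mismatch"

if __name__ == "__main__":
    # Constructed sample: placeable-WMF key followed by zero padding.
    sample = b"\xd7\xcd\xc6\x9a" + bytes(18)
    print(classify("holiday.jpg", sample))
```

A mail gateway or upload handler can quarantine anything that returns `metafile-disguised`, since a metafile has no legitimate reason to carry a raster extension.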

#5 Johnacandy

Johnacandy

    Private

  • Members
  • 10 posts

Posted 02 April 2010 - 01:47 PM

> if you target Windows, read about the Windows Meta File format, it is promising and theoretically easier to find a code execution bug in one of the functions used to "draw" the picture. plus u can give it any valid image extension u wish and it will work just fine in most Windows programs ;)

Thanks... I'll check meta file formats... anyway, if you guys have any helpful links or materials regarding this, do let me know...
Thanks again, you guys...

#6 AdmiralB

AdmiralB

    Specialist

  • Sergeant Major
  • 338 posts

Posted 01 June 2010 - 06:58 PM

While it is possible, it is a rare occurrence, I would say.

#7 Edu

Edu

    First Sergeant

  • Members
  • 2,269 posts

Posted 01 June 2010 - 08:04 PM

Not so rare... if you were to target the most common image formats, along with all the functions they use to "draw" the image and all types of vulns existing to this date, the chances of finding something exploitable (as long as you've got good fuzzers, time, patience and skills) are relatively high, in my viewpoint.

And... don't forget about the topic dates, please :P