Autoexecute a program in a jpg image?


ghost's Avatar
0 0

Hello, I'm very new in this world of hacking and I basically entered in the first place to make my computer and site as secure as I can. Obviously I also have had some malicious ideas, which I haven't managed to take into action yet :right:.

Well, my question is if it is possible to "hide" an exe inside a jpg image that when the image is opened, the exe automatically executes itself. If it is possible, could I have some guidance on how it could be done?

Thank you. :happy:


ghost's Avatar
0 0

You have to exploit whatever parses/interprets/processes the image. Popular image file formats weren't designed to have executable codes in them.


ghost's Avatar
0 0

Chinchilla3k wrote: You have to exploit whatever parses/interprets/processes the image. Popular image file formats weren't designed to have executable codes in them.

Thanks for your answer. I have to admit that I don't know anything about exploiting (I'll start learning), but does that mean I have to change the program that "reads the image"? (sorry for my noobness, but I don't really know exactly what exploiting means) or just see how the program works in order to know what to put inside the image file, so that it executes the program that is inside it?

Thank you again.


ghost's Avatar
0 0

Depending on the target OS and the method of delivery for the "picture", here is an idea that may work:

The default setting in WinXP is to not show file extensions. The program "NoVirus.exe" would show up as "NoVirus". If you were to rename the file to "NoVirus.jpg", it would appear in WinXP as "NoVirus.jpg" but still be an executable with the actual extension of "NoVirus.jpg.exe".


ghost's Avatar
0 0

Sabrewulf wrote: Depending on the target OS and the method of delivery for the "picture", here is an idea that may work:

The default setting in WinXP is to not show file extensions. The program "NoVirus.exe" would show up as "NoVirus". If you were to rename the file to "NoVirus.jpg", it would appear in WinXP as "NoVirus.jpg" but still be an executable with the actual extension of "NoVirus.jpg.exe".

Sorry, but that is a bit too simple. Someone with a minimum knowledge in the use of Windows will find it's a program. What I would like is that when the jpg image is being viewed (so the user thinks it's a normal image) the program is executing in the background.

Thank you :D


ghost's Avatar
0 0

Yes, it is possible to do this. I don't know personally how to do this, but I have seen it done.


ghost's Avatar
0 0

UberN00b wrote: [quote]Chinchilla3k wrote: You have to exploit whatever parses/interprets/processes the image. Popular image file formats weren't designed to have executable codes in them.

Thanks for your answer. I have to admit that I don't know anything about exploiting (I'll start learning), but does that mean I have to change the program that "reads the image"? (sorry for my noobness, but I don't really know exactly what exploiting means) or just see how the program works in order to know what to put inside the image file, so that it executes the program that is inside it?

Thank you again.[/quote]

Short answer is yes.. long answer is that if you could modify the program that reads the image why would you need to bind programs to images in the first place? Windows OSes already come with functionality that can read many image file formats. It's not like what reads the image comes with the image.

Also, knowing how the program works will not guarantee that you can pull this off. Most image file formats are very simple and very hard to "screw up" readers for it.. especially in ones that are widely used everywhere. You'd have to find something many professional developers overlooked while writing simple image file format readers.

Consider this stupid case.. Jeff created an image file format where the image pixel width varies for different rows. So some images didn't have to be the mandatory "rectangle" as in many image editors or w/e. The way he defined the file-format is as follows

  1. The first 4-bit integer z defines the number of rows.

  2. Each row begins with a 4-bit integer n which defines the size of the row, the next n bytes are the pixel data for that row.

Jeff, also fancying himself a pro-coder..and as a pro-coder he decides to optimize his code. He knows that for many years to come - monitors will probably never have a pixel width more than 10,000.. so… to save memory and extra calls to request heap.. he just allocated a 10k byte buffer to work with.. and when he's reading the file format.. he pulls a 4byte integer to get the size of the row and directly copies it with no checking to the 10k buffer.

Now.. say the .jef image-format begins getting popular with a community that thinks the extension is cool or something. Microsoft sees this, and decides to buy Jeff out. They also decide to shamelessly reuse his code, put the Microsoft seal of approval on it, and ship it out with Windows Vista.

Then you have millions of people using a reader for a file-format that will allow any number of bytes to be written to a predefined buffer size on an executable stack.
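Added example, not part of the original thread: a bounds-checked reader for the hypothetical .jef format from Chinchilla3k's post above, showing the length check the imagined reader leaves out. The 4-byte little-endian integer encoding, the function and constant names, and the sample byte strings are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define JEF_ROW_MAX 10000u /* the fixed "10k" row buffer from the post */
enum jef_status { JEF_OK = 0, JEF_TRUNCATED = -1, JEF_ROW_TOO_LARGE = -2 };

/* Constructed samples: 2 rows ("abc", "d"), and 1 row claiming n = 10001. */
static const uint8_t sample_ok[] = {2,0,0,0, 3,0,0,0, 'a','b','c', 1,0,0,0, 'd'};
static const uint8_t sample_oversized[] = {1,0,0,0, 0x11,0x27,0,0, 'x'};

/* Read one 4-byte little-endian integer (assumed encoding), never past len. */
static int read_u32(const uint8_t *buf, size_t len, size_t *off, uint32_t *out)
{
    if (len - *off < 4) return -1;            /* invariant: *off <= len */
    const uint8_t *p = buf + *off;
    *out = (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
    *off += 4;
    return 0;
}

/* Parse an in-memory .jef image; *pixels receives the total pixel bytes read. */
int jef_parse(const uint8_t *buf, size_t len, size_t *pixels)
{
    uint8_t row[JEF_ROW_MAX];
    size_t off = 0;
    uint32_t rows, n;
    *pixels = 0;
    if (read_u32(buf, len, &off, &rows)) return JEF_TRUNCATED;
    for (uint32_t r = 0; r < rows; r++) {
        if (read_u32(buf, len, &off, &n)) return JEF_TRUNCATED;
        /* The file controls n: check it against the buffer before copying. */
        if (n > JEF_ROW_MAX) return JEF_ROW_TOO_LARGE;
        if (n > len - off) return JEF_TRUNCATED;  /* row runs past end of file */
        memcpy(row, buf + off, n);                /* safe: n <= sizeof row */
        off += n;
        *pixels += n;
    }
    return JEF_OK;
}

int main(void)
{
    size_t px;
    printf("ok: %d\n", jef_parse(sample_ok, sizeof sample_ok, &px));
    printf("oversized: %d\n", jef_parse(sample_oversized, sizeof sample_oversized, &px));
    return 0;
}
```

Both rejections happen before `memcpy` runs, so a row length taken from the file can never exceed either the fixed buffer or the bytes actually present.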


webspider's Avatar
Member
0 0

You could do that by fuzzing image files. Fuzzing means to generate data with random pieces in it. They can cause a program to crash and if you've found a way to do it, you can use some shellcode, which will be executed then. The finder of that kind of exploiting has managed to create image and sound files, which open the windows calculator on start.

edit: Don't call yourself UberN00b, this will be a future problem if you start hacking and it looks lame.


Mb0742's Avatar
Ultimate Headshot
0 0

With IE6 and lower I think you can

Make something.gif in paint then use note pad / gedit or whatever to wipe all lines. Then add GIF89a then just some activeX script to run shit on their computer.

IE. markupGIF89a<script>while(1)alert("lol")</script>

Sorry I don't know any ActiveX


ghost's Avatar
0 0

fallingmidget wrote: Yes, it is possible to do this. I don't know personally how to do this, but I have seen it done.

I've also "seen" it done: a friend got hacked in this way, or at least that is what the "hacker" told me he did through her account: he just bound the "radmin" server to the image, so it would load as soon as she opened the image (she didn't have any firewall installed).

I asked if it is possible to know if the hacker lied or not and to have another way of protecting myself, as well as.. trying it on someone :evil: .

dex_poet wrote: I think you mean you have some programming ideas, malicious is what other people call them after you get caught. I don't think you want that. Write down your ideas, revisit them, notice how they were "ignorant", come up with better ideas.

here is a little something I found for fun a while ago, never cross-referenced to see if it was really cheese. http://www.computing.net/answers/dos/changing-a-bat-file/14508.html

That's one way, there are others. I guarantee you will find them yourself if you continue your studies in that direction.

Well, sorry about saying "malicious" ideas, I meant programming ideas… (I'm still a noob…)

About the site you gave me… Thanks, but that isn't exactly what I wanted, as I already knew how to convert a .bat to an exe (there is an article about it in HBH)

fuser wrote: I'm not too sure myself, try using a binder program. Attach the image and the .exe file, and give it to your target.

here's one: http://www.nuclearwintercrew.com/Products-BindersPE/10/

Thank you for the programs, but they don't do what I want to do: they just create a new exe file that just loads both the image and the file… What I wanted was an image that when I opened it, it executed the program, but thank you anyway for your answer.

Chinchilla3k wrote: Short answer is yes.. long answer is that if you could modify the program that reads the image why would you need to bind programs to images in the first place? Windows OSes already come with functionality that can read many image file formats. It's not like what reads the image comes with the image.

Also, knowing how the program works will not guarantee that you can pull this off. Most image file formats are very simple and very hard to "screw up" readers for it.. especially in ones that are widely used everywhere. You'd have to find something many professional developers overlooked while writing simple image file format readers.

Consider this stupid case.. Jeff created an image file format where the image pixel width varies for different rows. So some images didn't have to be the mandatory "rectangle" as in many image editors or w/e. The way he defined the file-format is as follows

  1. The first 4-bit integer z defines the number of rows.

  2. Each row begins with a 4-bit integer n which defines the size of the row, the next n bytes are the pixel data for that row.

Jeff, also fancying himself a pro-coder..and as a pro-coder he decides to optimize his code. He knows that for many years to come - monitors will probably never have a pixel width more than 10,000.. so… to save memory and extra calls to request heap.. he just allocated a 10k byte buffer to work with.. and when he's reading the file format.. he pulls a 4byte integer to get the size of the row and directly copies it with no checking to the 10k buffer.

Now.. say the .jef image-format begins getting popular with a community that thinks the extension is cool or something. Microsoft sees this, and decides to buy Jeff out. They also decide to shamelessly reuse his code, put the Microsoft seal of approval on it, and ship it out with Windows Vista.

Then you have millions of people using a reader for a file-format that will allow any number of bytes to be written to a predefined buffer size on an executable stack.

Thank you very much for the explanation! So basically you mean that I will have to create a new image format that opens the exe, and for that I will also need to create a reader for that format, that if it gets popular m1cr0$0ft will buy off me and then I can use it to hack? :o I think I misunderstood… (My English isn't very good…yet)

webspider wrote: You could do that by fuzzing image files. Fuzzing means to generate data with random pieces in it. They can cause a program to crash and if you've found a way to do it, you can use some shellcode, which will be executed then. The finder of that kind of exploiting has managed to create image and sound files, which open the windows calculator on start.

edit: Don't call yourself UberN00b, this will be a future problem if you start hacking and it looks lame.

That sounds a little too complicated (for my level of hacking, which is still very low), but I'll bear it in mind. Thank you.

Yes, I will take your advice and change my nickname (create a new user): when I first joined HBH I thought I wouldn't be very long here, so I imagined I would always be a noob :) . (Thanks again)

Mb0742 wrote: With IE6 and lower I think you can

Make something.gif in paint then use note pad / gedit or whatever to wipe all lines. Then add GIF89a then just some activeX script to run shit on their computer.

IE. markupGIF89a<script>while(1)alert("lol")</script>

Sorry I don't know any ActiveX

Thanks for the answer, but if I want to put ActiveX on my site, I could just put it in the code of the page. IE6 stops ActiveX from being executed if the user doesn't allow it, so I think it wouldn't really work. (I don't know any ActiveX either…)

Thanks again to everyone that posted. It is of great help to me. ;)


Uber0n's Avatar
Member
0 0

UberN00b wrote: [quote]Mb0742 wrote: With IE6 and lower I think you can

Make something.gif in paint then use note pad / gedit or whatever to wipe all lines. Then add GIF89a then just some activeX script to run shit on their computer.

IE. markupGIF89a<script>while(1)alert("lol")</script>

Sorry I don't know any ActiveX

Thanks for the answer, but if I want to put ActiveX on my site, I could just put it in the code of the page. IE6 stops ActiveX from being executed if the user doesn't allow it, so I think it wouldn't really work. (I don't know any ActiveX either…)[/quote]

It's actually JavaScript. You can easily create a file with the script you want just using notepad, but running XSS through images isn't very common nowadays since it's mostly blocked.

Also, I really don't think including an .exe in an image file and making the .exe execute when viewing it is possible.


Ingelo's Avatar
q|^.^|p - Say w00t!
0 0

What's up here??!