can you get viruses from any file?
Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: can you get viruses from any file?

  1. #1
    Senior Member
    Join Date
    Dec 2003
    Posts
    317

    can you get viruses from any file?

    i was in my programming class today and somebody opened up a .jpg file and the teacher went off. she said that you can get infected by a virus by opening any file and that viruses attatch themselves to any files they come into contact with. a couple of the kids argured with the teach on this, but she seemed pretty sure and said some stuff about how many years she'd been working in IT and that was the end of the discussion.

    i had thought it was only executable files. and that you could only get infected from a normal file the file had something like a macro in it(like those old ones that exploited ms office) and you opened it with a program that could execute that macro... is it possible for a file, like a jpg, to have a viurs or worm hidden in it, like fused with the file, or would there have to be some kind of executable in the same folder with the jpg and that executable would be run by the macro when you open the jpg. and do viruses attatch themselves to all files or just executables?

  2. #2
    Senior Member
    Join Date
    Oct 2002
    Posts
    4,055
    No doubt. You most like FIND viruses inside of a .jpg file because it's harder to detect and/or wouldn't be thought of as containing a virus. Their are specific binding applications out there designed to bind two files together, specifically a .jpg and a .exe. Hope that provided some insight for you.
    Space For Rent.. =]

  3. #3
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Your teacher was correct insofar as there is no such thing as a "safe" file.............

    Other than that, she is wrong by being too generalistic. Specific viruses will attack specific file types.

    Also they may attach (append or prepend), insert, or overwrite.

    If you convert a file such that it can be opened with a programming text editor, you should be safe.

    Also, have a file(executable) monitor and a registry protector.


  4. #4
    Member
    Join Date
    Dec 2003
    Posts
    97
    I suspect the concern behind JPGs has been the recent number of exploits in systems that actually read the JPG. Using this exploit, if your system isn't patched, code can be embedded in the JPG and infect your system when you open the file.

  5. #5
    Their are specific binding applications out there designed to bind two files together, specifically a .jpg and a .exe.
    I would really like to see a "specific" example of that. If I'm not mistaken, the jpeg would have to exploit it's renderer to run any code... Therefore "binding" a jpeg and a exe is unrealistic unless it exploits a vulnerability like the GDI overflow.

    Here's another guy that claimed that was possible.
    http://www.antionline.com/showthread...r=1#post737654

    My bottom line: Not all files are executable, but they can be in insecure circumstances (i.e. rendering overflows), which gives every file the potential to be dangerous.

    edit: I can see a .exe opening a .jpeg to make it look like it had the .jpeg extention, but not a .jpg running as an .exe.

    virus.jpg.exe = possible
    virus.jpg = not possible w/o certain circumstances.

  6. #6
    Senior Member
    Join Date
    Dec 2003
    Posts
    317
    i've heard of binding two executables together, like a trojan and some other program, but not a jpg file... could it be possible to bind the virus to a file then, use an exploit in the program that's expected to open the file to execute the virus? also, what about java? couldnt java be used to put viruses on ur system via a webpage or are most browsers pretty secure against that?

  7. #7
    Originally posted here by Phonedog911
    i've heard of binding two executables together, like a trojan and some other program, but not a jpg file... could it be possible to bind the virus to a file then, use an exploit in the program that's expected to open the file to execute the virus? also, what about java? couldnt java be used to put viruses on ur system via a webpage or are most browsers pretty secure against that?
    Exe + malicious exe is possible
    Malicious code in a jpeg has been done before, check out the GDI vulnerability, it's very recent. Java works in a "sandbox" so it doesn't have access to things that would allow it to be malicious unless it exploited the java runtime enviroment.

  8. #8
    Did someone said Pizza :) FanacooL's Avatar
    Join Date
    Oct 2004
    Location
    Karachi , Pakistan
    Posts
    466

    Re: can you get viruses from any file?

    Quite a long time ago i received an email...... in the contents there was text written in color and when u move ur pointer over the text the color changes to something else. Now after doing my work when i restart the system things have changed lots of exe files extensions were changed..... wht i think that mail contain was a trigger or something like that...... anyway the reason telling this story is to let u know that there are other ways of infecting system rather than just .exe files.
    One machine can do the work of fifty ordinary men. No machine can do the work of one extraordinary man!

  9. #9
    Senior Member
    Join Date
    Dec 2003
    Posts
    317
    yeah, thats wut i was talking about with the macro trojans. there used to be exploits in ms office that would allow people to copy files and execute malicious code on ur system. macros are how they made the text and stuff change colors, i guess the color changing was a front for copying wierd viruses all over ur system

    also, i had heard somewhere that all those warez sites out there were fronts for launching attacks. apparently the site owners get exploits, etc. rewritten in java and whenever somebody visits the site they run the exploit locally on their system, this way they cant trace who's really doing it if there are a lot of ppl visiting the site

  10. #10
    also, i had heard somewhere that all those warez sites out there were fronts for launching attacks.
    Typically, any site containing shady content will most likely exploit you somehow, and can get away with it pretty easily. Let's pretend Mr. Whitecollar goes to a porn site. The porn site exploits activex and installs adware. What can Mr. Whitecollar do about it?

    Possibly nothing short of a reformat. The reason the porn site is protected is because Mr. Whitecollar doesn't want anyone to suspect him of looking at porn, so he can't retaliate with a lawsuit or whatever. Us educated folks, however, know that this can happen in email or anywhere else and getting malware does not necessarily mean the user was looking at porn.
    Although it is a very common reason.

    Bottom line: shady sites shouldn't be trusted... Just like shady people.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •