-
February 18th, 2009, 02:59 AM
#1
Member
phpBB hack
I was reading a blog on the phpBB hack (http://hackedphpbb.blogspot.com/ - is is actually down now) and they stated that they uploaded an avatar which had some code in it (i think it was just listing a directory or something similar). Does anyone have anymore information regarding running code inside images? How would this be prevented? I would like to do some testing with this but cant really find much information on the topic.
-
February 18th, 2009, 03:14 AM
#2
Junior Member
There was a exploit with IE where you can run Machine code in the image when displayed to the end user.
Other then that was i have discovered myself is that if you ask your user to upload some image say "this-is-an-image.jpg"
and you are storing the image on your website some where with the same name.
so you some one upload a picture with file name "this-is.php?some-image.jpg"
this will be saved as this-is.php on your server, i think only works with linux web servers.
so best would be to use some number when saving file on the server side.
i am not sure the above link explains the same i have not checked but just wanted to make you aware.
Thanks & regards
-
February 18th, 2009, 03:16 AM
#3
Junior Member
Originally Posted by Keith
I was reading a blog on the phpBB hack ( http://hackedphpbb.blogspot.com/ - is is actually down now) and they stated that they uploaded an avatar which had some code in it (i think it was just listing a directory or something similar). Does anyone have anymore information regarding running code inside images? How would this be prevented? I would like to do some testing with this but cant really find much information on the topic.
check this link
http://www.google.com/search?q=cache...ient=firefox-a
-
February 18th, 2009, 03:24 AM
#4
Member
Yeah i found an article that said pretty much the same thing.
I also remember reading that there was a vulnerability with MS OS and the way that they handled images. The hack was on a linux box so this wouldnt work.
The article didnt really say how he did it, so he might of used the php method.
-
February 18th, 2009, 07:08 AM
#5
There was a exploit with IE where you can run Machine code in the image when displayed to the end user.
I wouldn't call a graphical API a problem with IE.
this will be saved as this-is.php on your server, i think only works with linux web servers.
Um, you do realise PHP can be installed on pretty much anything right?
so best would be to use some number when saving file on the server side.
The best thing to do would be to prevent people from uploading web based scripts altogether. Meh... you wouldn't beleave how quickly search engines pick up on junk like r57 and c99shell. Infact, ten seconds after some chump uploads scripts like that someone else will have already gained enought privileges to overwrite everything in the web directory.
The article didnt really say how he did it, so he might of used the php method.
You may want to take another look at the link that was posted.
Last edited by The-Spec; February 19th, 2009 at 03:47 AM.
-
February 18th, 2009, 11:39 PM
#6
Member
Originally Posted by The-Spec
Originally Posted by Keith;
I also remember reading that there was a vulnerability with MS OS and the way that they handled images.
That would be true if we where talking about a driver. Otherwise it's an application flaw and therefore isn't much of a component to the operating system itself.
What about this? http://www.microsoft.com/technet/sec.../MS04-028.mspx
Originally Posted by The-Spec;
Originally Posted by Keith;
The article didnt really say how he did it, so he might of used the php method.
You may want to take another look at the link you posted.
Looked over it again, so he didnt use the PHP method. Any thoughs on how he did it?
Similar Threads
-
By skiddieleet in forum Other Tutorials Forum
Replies: 4
Last Post: July 29th, 2005, 01:43 PM
-
By nebulus200 in forum Security News
Replies: 2
Last Post: July 1st, 2005, 11:24 AM
-
By Lone1337 in forum AntiOnline's General Chit Chat
Replies: 7
Last Post: August 23rd, 2002, 04:16 PM
-
By zigar in forum AntiOnline's General Chit Chat
Replies: 10
Last Post: February 22nd, 2002, 02:24 PM
-
By NUKEM6 in forum Non-Security Archives
Replies: 1
Last Post: February 3rd, 2002, 11:28 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|