
Is it possible to infect a picture with a backdoor? And what can I google for that?

Anders
Flajt
  • I removed "Kali" from the question, because Kali is just a Linux distro with a certain toolset. The important part will be the tools, not the OS you use. – schroeder Feb 14 '17 at 12:32
  • Pictures are read, not executed, so you cannot run scripts in an image. But you can hide a script as an image, so some user looks at the file and thinks it's an image, but when he opens it, it executes a script (there's no image). – JoakimE Feb 14 '17 at 12:37
  • A back-door is an entry point to a system. Images are not systems, hence you cannot back-door an image. They might be vectors to infect a system though, just google a bit and you'll find a lot of literature about attacks using pictures as medium. This infection can be a script that would install a backdoor on the target system. – M'vy Feb 14 '17 at 12:40
  • Do you have any specific image format in mind? In particular, do you consider PostScript files as images? – 5gon12eder Feb 14 '17 at 12:41
  • @5gon12eder .jpg or something like that?! – Flajt Sep 04 '17 at 05:57

1 Answer


In theory, it is potentially possible to embed malicious code (e.g. a backdoor) in anything. However, for the code to be executed there must be some kind of vulnerability in the program that reads the image (e.g. Paint, Photoshop, Windows photo viewer) that makes it possible to fool the program into "accidentally" executing the code. Different types of buffer overflows are commonly used for this.

In practice this is not so easy, though. Since the program reading the image needs to be vulnerable, there is no silver bullet that will work everywhere. If you find a vulnerability, it will probably just work with a few particular versions of one particular program on one particular OS. And since vulnerabilities like this are (hopefully) patched as soon as they are discovered, you will either need to find a fresh new vulnerability (a so called zero day) or only be able to attack victims who use old, vulnerable software.

But still, this sort of thing happens in the wild. Here are two examples:

  • ImageTragick was the punny name of a vulnerability in ImageMagick, a software commonly used for processing user uploaded images on servers. It allowed remote code execution by sending SVG images that linked other images whose filenames contain shell commands.
  • If I am not mistaken, Stuxnet spread through a vulnerability in the code in Windows Explorer that processes the thumbnail images of USB drives. (I can not find a source for this, though.)

There is more on Google.

Anders
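The answer and the comments above make two separate points: a file can be a script merely named like an image, and a real image parser (ImageMagick's SVG/MVG/PostScript coders in the ImageTragick case) can be driven into executing something by a crafted input. A common server-side mitigation for the first class, and for keeping text-based "image" formats away from a converter that should only ever see raster files, is to validate uploads by their leading bytes rather than by extension. The following is an added example, not code from the answer or from any of the projects named on this page; the signatures are the well-known JPEG/PNG/GIF magic numbers, and the sample uploads are constructed inline. It does not address the second class at all: a malformed JPEG that triggers a bug in the decoder still passes this check, so patching and sandboxing the decoder remain necessary.

```python
from typing import Optional, Tuple

# Magic numbers of the raster formats this handler is willing to accept.
# These are the standard file signatures, not values taken from the page.
SIGNATURES = {
    "jpeg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
}

# Leading bytes of text-based or script content that an image-only upload
# endpoint should never forward to a converter: XML/SVG, MVG drawing
# primitives, PostScript headers, and shebang lines.  Compared case-insensitively.
REJECT_PREFIXES = (
    b"<?xml",
    b"<svg",
    b"push graphic-context",
    b"viewbox",
    b"%!ps",
    b"#!",
)


def sniff_image_type(data: bytes) -> Optional[str]:
    """Return 'jpeg', 'png' or 'gif' based on the file's magic bytes, else None."""
    for name, sigs in SIGNATURES.items():
        if any(data.startswith(sig) for sig in sigs):
            return name
    return None


def validate_upload(filename: str, data: bytes) -> Tuple[bool, str]:
    """Decide whether an uploaded file may be passed on as an image.

    Returns (accepted, reason_or_format).  Acceptance requires that the
    content is a whitelisted raster format AND that the extension agrees
    with the sniffed content, so 'photo.jpg.sh' or a PNG renamed to .jpg
    are both refused.
    """
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    ext = {"jpg": "jpeg"}.get(ext, ext)  # normalise the common alias

    head = data[:512].lstrip().lower()  # text formats may start with whitespace
    if any(head.startswith(prefix) for prefix in REJECT_PREFIXES):
        return False, "text or script content, not a raster image"

    kind = sniff_image_type(data)
    if kind is None:
        return False, "unrecognised or unsupported image format"
    if ext != kind:
        return False, "extension .%s does not match content (%s)" % (ext, kind)
    return True, kind


# Constructed sample uploads: two genuine raster headers and four files that
# carry the wrong kind of content behind an image extension.
SAMPLES = {
    "cat.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 16,
    "logo.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,
    "svg_as.jpg": b'<?xml version="1.0"?><svg xmlns="http://www.w3.org/2000/svg"/>',
    "script_as.png": b"#!/bin/sh\necho not an image\n",
    "mvg_as.jpg": b"push graphic-context\nviewbox 0 0 640 480\n",
    "ps_as.jpg": b"%!PS-Adobe-3.0\n",
}


def check_samples() -> dict:
    """Run every constructed sample through the validator; used for demonstration."""
    return {name: validate_upload(name, data) for name, data in SAMPLES.items()}


if __name__ == "__main__":
    for name, (ok, info) in check_samples().items():
        print("%-14s %s %s" % (name, "ACCEPT" if ok else "REJECT", info))
```

In a real upload path this check sits before any call into the image library; it is cheap, needs no decoder, and turns the extension into a claim that the bytes must corroborate. For ImageMagick specifically, the vendor-documented companion control is its policy.xml, which can disable the coders the endpoint does not need.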