Somebody told me it is possible to insert shellcode into an image or pdf file and execute the shellcode if the image or pdf file was opened. I know that this could be possible if the application (for example Adobe Reader) is vulnerable to a buffer overflow. But is it possible to 'backdoor' a file without some special exploit, or are non-PE files safe?
Asked
Active
Viewed 1,495 times
4
-
Something needs to execute the backdoor ... – schroeder Jun 01 '18 at 19:31
-
There's this https://resources.infosecinstitute.com/launching-shellcode-cat-pictures/ – Tuğberk Kaan Duman Jun 01 '18 at 19:34
-
Oh okay, so the payload itself must be executed by another program. Thanks for your answers! – Bowmann Jun 01 '18 at 19:42
1 Answers
1
There was an actual exploit that did this.
The problem isn't the image. It's the implementation of the application that reads the image data.
https://imagetragick.com/ - this is a great example of an application that read an image format, and executed code in that image.
But in general, no. Embedding shell code into an image should never allow execution of the shell code.
Jonathan
- 2,288
- 13
- 16