• Fur Affinity Forums are governed by Fur Affinity's Rules and Policies. Links and additional information can be accessed in the Site Information Forum.

Admin Control Panel

Status
Not open for further replies.

Pi

Member
It's common practice on the -chans to turn .rar files into .jpg files to make them easier to upload and harder to detect for those that aren't in the know. It's actually a neat little process. So yes, you can hide shizz in jpegs. Accessing it is a different matter, yes, but the storage can be done.

Again, that is entirely different than what Torin_Darkflight is describing.
 

verix

some dragon
It's common practice on the -chans to turn .rar files into .jpg files to make them easier to upload and harder to detect for those that aren't in the know. It's actually a neat little process. So yes, you can hide shizz in jpegs. Accessing it is a different matter, yes, but the storage can be done.

this requires actually renaming the file, though, for it to work properly. this is not how a virus delivers a payload in a malicious file.
 

Shark_the_raptor

I'm in love with a pizza.
The fact is none of you are safe.
You pissed off the wrong fucking guy.

The fact being your art is sick.
The way you accept and do things is sick.
The way you proceed and act.
The way you treat others.

I will see that this community ceases too exist.
And any other community which prohibits such acts.
Which are against human nature.

Fix'd. ^.-.^ (corrections in bold) Also, I think you're pretty dull. I've seen better.
 

Arshes Nei

Masticates in Public
So when's the site coming back :l

edit: Also, I've still never heard of Nylak. She sounds like some sort of slut given the sexual/aggressive nature of the comments that mention her.

She's a moderator of the forums. As far as the sexual nature of comments, uhh hello, what site is this again?
 

Mokusei_Kaze

Dream Weaver
Hey so, since there is more than enough information to send to ISP to get him taken care of that way... you should also turn him into the FBI. He can actually get some serious fines and/or jail time. And you know what... I doubt he or anyone will want to do this if they see that FA will actually prosecute
 

Ainoko

The Wild And Crazy Hybrid
Hey so, since there is more than enough information to send to ISP to get him taken care of that way... you should also turn him into the FBI. He can actually get some serious fines and/or jail time. And you know what... I doubt he or anyone will want to do this if they see that FA will actually prosecute

Good idea, if more sites did this, then the hackers would have to back down and get thier jollies elsewhere.
 
Strange how you claim the exploit doesn't exist. Then apparently the security notice (MS08-021) and critical security update (KB948950) issued by Microsoft to fix this exact exploit must not exist either.

The WMF exploit is real. A modified WMF file can be renamed with a JPG extension. If the image viewer isn't smart enough to read the file's metadata to verify what kind of file it really is, then the possibility of damage from the image file does exist. There was genuine concern regarding this attack among art-sharing websites such as FA. Do your research before blindly claiming something doesn't exist.

Now I will shut up.
 
Last edited:

ShelbyDingo

Resident Chimaeric Dingo
Hey so, since there is more than enough information to send to ISP to get him taken care of that way... you should also turn him into the FBI. He can actually get some serious fines and/or jail time. And you know what... I doubt he or anyone will want to do this if they see that FA will actually prosecute

I second this idea, personally.

If action is taken, people might actually think twice!
 

Fiz

shut up bitch
Also to whoever thinks this is Onideus Mad Hatter, it's most likely not. He's "smart" enough to use a proxy. I've had to ban a ton of his proxies on dramachan until he apparently ran out (anonib is globally banning proxies so it was only a matter of time until he ran out of working ones) or until he got bored (doubt it).
 

vappykid5

Un-Official Cherry Bomb Maker
Hey so, since there is more than enough information to send to ISP to get him taken care of that way... you should also turn him into the FBI. He can actually get some serious fines and/or jail time. And you know what... I doubt he or anyone will want to do this if they see that FA will actually prosecute

I agree with this.
 
Even IrfanView does this.

Problem is, for simplicity to the user, some web browsers will try to open image files anyway, regardless of whether the extension and header match or not. Thus, a user could click on a link to an image that genuinely does end in ".jpg", yet it could be any other random format, and there's a good chance the browser will still open it anyway, or at least try to open it, with who knows what sort of result. This is why the WMF exploit was so concerning. Even Firefox was affected by the exploit.
 

Dragoneer

Site Developer
Staff member
Site Director
Administrator
UPDATE:
For the record only three accounts were jacked by Mr. Toolbar McBeefhacker. We closed the site to ensure there was no further issues. We're still reviewing the situation, and will give full disclosure once we know what happened.
 

ArielMT

'Net Help Desk
Yay on the update!

The WMF exploit is real. ... If the image viewer isn't smart enough to read the file's metadata to verify what kind of file it really is, then the possibility of damage from the image file does exist.

The WMF exploit took advantage of the fact that Windows does check the file's metadata and does verify what kind of file it really is.

The entire computer security industry took it seriously, and in fact the hole was patched by third parties before it was patched by Microsoft. The reason Microsoft downplayed it and took their time with a patch is because the cause was a deliberate and long-thought-out core design decision.
 

Blick Fen

New Member
Hey so, since there is more than enough information to send to ISP to get him taken care of that way... you should also turn him into the FBI. He can actually get some serious fines and/or jail time. And you know what... I doubt he or anyone will want to do this if they see that FA will actually prosecute

IAWTC.

Then again, I'm all for hammering fuckwits wherever they may roam.
 
*facepalms* can we stop with the arguing and stuff about jpgs and crap? Its hurting my computer illiterit (and probably spelling) mind.
 

Renard_v

FAT DONGS
Problem is

A WMF is a vector graphic format, isn't it? A JPG is a graphic format, isn't it? You're hiding a vector graphic in a graphic. If you're hiding code in that WMF, you're hiding executable code in a WMF, so you've got code in code in code.

Firefox reads metadata for all files, last I checked, and will display them if the proper software is available to decode it.

Example: a GIF is accidentally named .JPG, but firefox will see that it is a GIF and load it.
Example: an EXE is accidentally named JPG, and firefox will not be able to execute this file, so it will ask the user to save it instead. at this point, nearly any image viewer will say "SOMETHING IS WRONG" and it will not be executed as an EXE until then.

What is firefox going to do about a WMF (within a JPG) file that it knows nothing about? it's going to ask the user to save it somewhere.
 
Yay on the update!



The WMF exploit took advantage of the fact that Windows does check the file's metadata and does verify what kind of file it really is.

The entire computer security industry took it seriously, and in fact the hole was patched by third parties before it was patched by Microsoft. The reason Microsoft downplayed it and took their time with a patch is because the cause was a deliberate and long-thought-out core design decision.

Yes, I will admit I am not intimately familiar with the exact mechanics regarding how the exploit functioned. But, the key point I was trying to make is still valid: image files do have the potential of causing damage if they are crafted in a specific manner. The WMF exploit has been patched now, but there is the possibility of more similar exploits being discovered and possibly utilized in the future.

The versions of Firefox that were vulnerable to the WMF exploit would automatically open WMF files without prompting the user. It wasn't until about version 1.5 that FF was finally changed to pop up a "Do you want to open this" prompt.

Ok, now this is really REALLY the last I'll say of this. We've gotten way off topic here.
 
Status
Not open for further replies.
Top