ShelbyDingo
Resident Chimaeric Dingo
I'm reading through this and I think it broke my brain. Then again, I am not a technician.. I just happen to sit on the sidelines, point and laugh.
Yes, I will admit I am not intimately familiar with the exact mechanics regarding how the exploit functioned. But, the key point I was trying to make is still valid: image files do have the potential of causing damage if they are crafted in a specific manner. The WMF exploit has been patched now, but there is the possibility of more similar exploits being discovered and possibly utilized in the future.
Ok, now this is really REALLY the last I'll say of this. We've gotten way off topic here.
I'm actually glad that admins here actually do their job and do what they can. I've seen people on dA get hacked and I don't see much of anything happen for months.
Go FA admins!!*woots and dances around*
*facepalms* can we stop with the arguing and stuff about jpgs and crap? Its hurting my computer illiterit (and probably spelling) mind.
So, if the pictures prove true, then Nek0gami and Tincrash were hit. Who was the third?
I think the third was Ebony Leopard
So, if the pictures prove true, then Nek0gami and Tincrash were hit. Who was the third?
I looked in another thread and saw someone mention Hobbes_Maxwell...I think the third was Ebony Leopard
aaaaaaaaaAAAAAAAAEpic fail.
I do what I want.
http://www.secureworks.com/research/threats/wmf/
So yea the WMF exploit exists but it's been patched for a long time.
However from what I've read about this exploit, it was used to execute remote code, not viruses/malware. The remote code would then issue a command for whatever it was meant to do, which could have been installing malware.
I mean technically, its still not a virus inside of a .jpg, its remote code inside of a ".jpg" which will then do whatever the fuck it was meant to do (possibly trigger a virus).
Whether it was a WMF exploit that effected the forum member in question or if it was something a bit more obvious like whatever.jpg.bin or whatever.jpg.exe is entirely up in the air.
The point still stands that the exploit has been long since patched up and I wouldn't think that it is going to be used much now that it has been patched for several years, so the .jpgs that Mr. Toolbars were uploaded are most likely safe because:
1. Like I said, the exploit has been patched for years.
2. Modern imageviewers check metadata.
3. If the first two failed, the browser you will be using to view the image in will check the metadata itself.
Negative.ebonyleopard. again.
...<3
you give him far too much credit good sir(full disclosure: that's probably who this is)
Fine if you want to be a total fucking douche and continue this shit do it. I was trying to say stop in a nice way but now you've gone and been a fucking asshat.
How's'about we get back on topic, eh?I do what I want.