• Fur Affinity Forums are governed by Fur Affinity's Rules and Policies. Links and additional information can be accessed in the Site Information Forum.

Admin Control Panel

Status
Not open for further replies.
ShelbyDingo

ShelbyDingo

Resident Chimaeric Dingo
I'm reading through this and I think it broke my brain. Then again, I am not a technician.. I just happen to sit on the sidelines, point and laugh.
 
Pi

Pi

Member
Torin_Darkflight said:
Yes, I will admit I am not intimately familiar with the exact mechanics regarding how the exploit functioned. But, the key point I was trying to make is still valid: image files do have the potential of causing damage if they are crafted in a specific manner. The WMF exploit has been patched now, but there is the possibility of more similar exploits being discovered and possibly utilized in the future.

Ok, now this is really REALLY the last I'll say of this. We've gotten way off topic here.
Click to expand...

You lack fundamental understanding of the format yet you claim to have knowledge of how things work.

Hmm.

The WMF "vulnerability" is unique in that it was designed to work with windows and bear an executable callback in the event that the user cancelled printing. JPEG obviously is not designed with that in mind, nor are any other image formats.

Anyway, what I'm saying here is while you are trying to make a useful point, you are cloaking it in "look it up" when it is clear that you have no idea what the fuck you're talking about. Shut up and go back to whatever it is you're good at, because it isn't computer security.
 
shebawolf145

shebawolf145

~RAWR~
GAH STOP WITH THE TECHINICAL SHTUFF.....*falls over twitching*
 
mukichan

mukichan

Chibi Chubbeh Draggie
I'm actually glad that admins here actually do their job and do what they can. I've seen people on dA get hacked and I don't see much of anything happen for months.

Go FA admins!! :D *woots and dances around*
 
Griff-the-DevilDog

Griff-the-DevilDog

Member
Said, "doc what's the condition
I'm a man that's on a mission"
Said, "son, you'd better listen
Stuck in your ass
Is an electrician"

~Beastie Boys
 
D

DigitalMan

Member
Huh. Wow. This is normally where I would offer all of my computer power and technical ability to the FA staff to do with as they see fit... but it seems that's not necessary at all. Still, the offer stands if the issue progresses.

Out of curiosity, is this at all related to the retards on DeviantArt that cause said site to now have a warning whenever you click an off-site link?
 
Fiz

Fiz

shut up bitch
shebawolf145 said:
*facepalms* can we stop with the arguing and stuff about jpgs and crap? Its hurting my computer illiterit (and probably spelling) mind.
Click to expand...

I do what I want.



http://www.secureworks.com/research/threats/wmf/

So yea the WMF exploit exists but it's been patched for a long time.

However from what I've read about this exploit, it was used to execute remote code, not viruses/malware. The remote code would then issue a command for whatever it was meant to do, which could have been installing malware.

I mean technically, its still not a virus inside of a .jpg, its remote code inside of a ".jpg" which will then do whatever the fuck it was meant to do (possibly trigger a virus).

Whether it was a WMF exploit that effected the forum member in question or if it was something a bit more obvious like whatever.jpg.bin or whatever.jpg.exe is entirely up in the air.

The point still stands that the exploit has been long since patched up and I wouldn't think that it is going to be used much now that it has been patched for several years, so the .jpgs that Mr. Toolbars were uploaded are most likely safe because:

1. Like I said, the exploit has been patched for years.
2. Modern imageviewers check metadata.
3. If the first two failed, the browser you will be using to view the image in will check the metadata itself.
 
Last edited:
ShelbyDingo

ShelbyDingo

Resident Chimaeric Dingo
It's just unfortunate that someone had to do this to get their kicks. *sigh.*

The internet is a sad place sometimes.
 
Aquin

Aquin

Haunted
Lol only 3 accounts.

Epic fail. Little e-thug who posted this is probably looking for ways around said ban.

Some advice kids: Don't screw with furries, you'll just get raped instead. Raped in the masses!
 
Ainoko

Ainoko

The Wild And Crazy Hybrid
Zakassis said:
So, if the pictures prove true, then Nek0gami and Tincrash were hit. Who was the third?
Click to expand...

I think the third was Ebony Leopard
 
mukichan

mukichan

Chibi Chubbeh Draggie
Ainoko said:
I think the third was Ebony Leopard
Click to expand...

but wasn't Ebony hacked like... a looooooooooooong time ago? I could have sworn I remembered hearing about that artist getting hacked sometime before Christmas.
 
shebawolf145

shebawolf145

~RAWR~
Fiz said:
I do what I want.



http://www.secureworks.com/research/threats/wmf/

So yea the WMF exploit exists but it's been patched for a long time.

However from what I've read about this exploit, it was used to execute remote code, not viruses/malware. The remote code would then issue a command for whatever it was meant to do, which could have been installing malware.

I mean technically, its still not a virus inside of a .jpg, its remote code inside of a ".jpg" which will then do whatever the fuck it was meant to do (possibly trigger a virus).

Whether it was a WMF exploit that effected the forum member in question or if it was something a bit more obvious like whatever.jpg.bin or whatever.jpg.exe is entirely up in the air.

The point still stands that the exploit has been long since patched up and I wouldn't think that it is going to be used much now that it has been patched for several years, so the .jpgs that Mr. Toolbars were uploaded are most likely safe because:

1. Like I said, the exploit has been patched for years.
2. Modern imageviewers check metadata.
3. If the first two failed, the browser you will be using to view the image in will check the metadata itself.
Click to expand...

Fine if you want to be a total fucking douche and continue this shit do it. I was trying to say stop in a nice way but now you've gone and been a fucking asshat.
 
TwilightV

TwilightV

HELL YEAH!!!
shebawolf145

shebawolf145

~RAWR~
Eevee

Eevee

Banned
Banned
verix said:
(full disclosure: that's probably who this is)
Click to expand...
you give him far too much credit good sir

he is too busy with his super-awesome jpeg compression that can fit anything in 2kb anyway



and man can you guys stop reciting slashdot headlines

image metadata doesn't even remotely have anything to do with this, stop saying that :(
 
Fiz

Fiz

shut up bitch
shebawolf145 said:
Fine if you want to be a total fucking douche and continue this shit do it. I was trying to say stop in a nice way but now you've gone and been a fucking asshat.
Click to expand...

Let me tell you all about regedit.exe aka registry editor.
 
Status
Not open for further replies.
Top