The OS doesn’t have to be hacked; there just has to be a common exploit available. If the default program that views your jpegs has some type of buffer overflow reading the jpeg, the overflow could allow code in the jpeg to execute. Although I've never heard of a buffer overflow in a jpeg viewer, never underestimate MS's ability to mass-produce “innovative” security flaws.
Any data file can potentially contain a virus. It just has to depend on a popular default executable (Notepad, IE, WMP?) with some type of weakness. I used to tell my virus-paranoid friends that *.txt files were safe from viruses. Unfortunately, that isn't always the case.
Note: Unfortunately I deleted the virus after finding this out. For some stupid reason I didn't save a copy to send to someone who could do something with it. So, I guess I'm asking you to take my word for it. Also, this was several months ago; I may not remember the file names correctly. At the time I was running WinMe.
I was unaware that My Documents on my PC was shared, and not long after I installed my cable modem several files were added to My Documents and its subfolders. These files had extensions along the lines of *.eml (or was that emu? Don't remember; the icons looked mail-related).
I figured they were viruses, and out of curiosity wanted to take a look at them before deleting. Since I didn't have a hex editor installed yet, I just appended .txt to the files and double-clicked. Notepad started up, realized the file was too big for it and launched WordPad. WordPad crashed with some kind of error (can't remember the text anymore).
A quick check of my temp folder showed a file named something along the lines of TMP1423563.tmp.EXE. I brought up Task Manager, and sure enough TMP1423563.tmp.EXE was running. I killed it, deleted everything in the temp folder, and tried again to verify that the renamed file was the source of TMP1423563.tmp.EXE; it was.
Obviously this is not the way the virus was designed to work, but that doesn't change the fact that a *.txt file managed to install and launch an executable on my PC.
I know this doesn’t affect all you *nix users, but then again most viruses don’t.
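Added example, not part of the original post: one way to look at a suspicious file like the renamed *.eml above without handing it to any default viewer is to read its bytes and classify it by content instead of extension. The function names, the extension list, and the sample message are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions Windows runs directly (illustrative list, not exhaustive).
RISKY_EXT = (".exe", ".scr", ".pif", ".com", ".bat", ".vbs")

def triage(data: bytes, name: str) -> dict:
    """Classify a file from its bytes; the extension in `name` is never trusted."""
    report = {"name": name, "kind": "unknown", "findings": []}
    head = data[:4096].lower()
    if data[:2] == b"MZ":
        report["kind"] = "dos/windows executable"
        report["findings"].append("MZ header at offset 0")
    elif b"mime-version:" in head or b"content-type:" in head:
        # Mail messages are text too, so this check must come before the text check.
        report["kind"] = "mime message"
        msg = message_from_bytes(data, policy=policy.default)
        for part in msg.walk():
            if part.is_multipart():
                continue
            fname = part.get_filename() or ""
            body = part.get_payload(decode=True) or b""
            if fname.lower().endswith(RISKY_EXT):
                report["findings"].append(f"attachment named {fname!r}")
            if body[:2] == b"MZ":
                report["findings"].append(f"MZ header inside part {fname!r}")
    elif all(32 <= b < 127 or b in (9, 10, 13) for b in data):
        report["kind"] = "plain text"
    return report

def build_sample() -> bytes:
    """Constructed sample: a mail message carrying a 64-byte fake 'MZ' attachment."""
    m = EmailMessage()
    m["Subject"] = "constructed sample"
    m.set_content("hello")
    m.add_attachment(b"MZ" + b"\x00" * 62, maintype="application",
                     subtype="octet-stream", filename="sample.exe")
    return m.as_bytes()

if __name__ == "__main__":
    for label, blob in [("notes.eml.txt", build_sample()),
                        ("readme.txt", b"just some notes\n")]:
        print(triage(blob, label))
```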