Jump to content

How to launch .vbs or .bat in a jpg


noobie3

Recommended Posts

I wanted to launch a .vbs or .bat file in a jpg file. Meaning when i click on the jpg i see the picture and at the same time the .vbs or .bat file launches.

thx

Short answer: Not possible.

Longer answer: The OS is responsible for deciding what to do with a file you open. So if the OS is configured to open JPG files with mspaint, then that's what will happen when you double click the jpg.

Now, if the file in question is built in a way that will cause mspaint to crash and cause a buffer overrun instance then it may be possible to execute some arbitrary code. Getting this to work is very difficult and it would be patched out of the code in short order.

Hacks that generate increased usage are great, hacks that basically break the way a computer is supposed to work are not.

Is there any possible 'good' use for having unknown code execute when opening an image file?

Link to comment
Share on other sites

Jpgs used to have a flaw that would allow them to execute code, but has long been fixed...

http://antivirus.about.com/od/securitytips/a/jpgflaw.htm

Metasploit uses a few flaws in PNG and WMF's to embedd them in a webpage and then Internet Explorer being served the image and not rendering it properly if it contains scriptable code instead of image data. Most browsers check the mime type or file type before allowing it to load or run, but older unpatched IE5/6 browsers don't check it and also some windows versions have a GDI flaw(If not fully patched or up to date) that allows various image formats to exploit the system, like PNG and WMF files.

Probably not going to happen short of something like a Metasploit type of attack. Google would be your best bet to finding a solution, if there is one. You could try saving a VBS script as a JPG and then trying to load it in a web page, but not sure if this will run. I know it works with PHP on some unpatched versions of Apache and PHP, where it can run the actual PHP code, even if it ends in jpg as the extension, if you name it somehting like image.php.jpg, it executes as PHP.

Link to comment
Share on other sites

Rename the file to reallyhottpic.jpeg.bat (note: this only works if victim is a dumbass)

Link to comment
Share on other sites

i remember something harrison said on sploitcast a while back about a vulnerability in windows that would allow an image loaded on a webpage to setup a backdoor in your computer.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...