Our finals project in our Ethical Hacking Elective Class requires us to create a .jpeg file with a script that would automatically run when the jpeg is opened. Preferably with the common image viewer but it is okay to mention other image viewing software that might achieve this.
Is this possible? What programming language should I look into to make this? I used the tag Assembly as I assume that it might be possible if the image file's code can be altered in that level, but this is just my speculation and I hope that someone can explain if it is so or not.
I have seen some tutorials online about how to hide a .txt file inside an image file and how to disguise a .exe file to look like an image file using WinRar. But I need the file to be in .jpeg format.
I hope I am allowed to do this but here is a link to what I have in mind: Security Stackexchange
There are two approaches. (1) You'd have to find some Jpeg Decoder with a funkadelic security flaw.
(2) You could create a non-jpeg stream with a .jpeg extension and try to get your operating system to execute it as a script.
Yes, it is possible. I've personally created media files that can run JS when included as the src of a <script> tag. My favorite example is where I took an MP4 of Rick Astley's Never Gonna Give You Up and modified it slightly to include JS that would redirect the browser to that video on YouTube if exploited.
Polyglot JPEGs:
Here's an article for GIFs: GIF/Javascript Polyglots
Note: a polyglot is a program that runs in more than one language.
There are plenty of articles available if you search for "polyglot js image".
Here's a recent one:
So if loading an image via HTML counts as image-viewing software, you're good to go (assuming the HTML loads the image using a script tag, which is not a good idea), but there are plenty of other mediums where such a polyglot could create an exploit.
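The second answer's point is that a JPEG/JS polyglot only "runs" because something other than an image decoder (a `<script>` tag, or a sniffing browser) is handed the bytes. From the defender's side the useful check is therefore structural: walk the file's marker segments and flag what a plain JPEG should never carry. The following Python is an added example written for this page, not code from either answer or from the linked articles. It assumes the standard JPEG marker layout (SOI, length-prefixed segments, SOS followed by entropy-coded data, EOI); the two sample files, the `SUSPICIOUS_TOKENS` list and the `analyze_jpeg` function name are all constructed for the illustration.

```python
"""Structural check of a JPEG for polyglot indicators (added example, hypothetical helper)."""
import struct

SOI, EOI, SOS, COM = 0xD8, 0xD9, 0xDA, 0xFE
# Markers that carry no length field.
STANDALONE = {0x01, 0xD8, 0xD9} | set(range(0xD0, 0xD8))
# Text fragments that have no business inside image metadata; constructed list, extend as needed.
SUSPICIOUS_TOKENS = (b"<script", b"javascript:", b"eval(", b"function(")


def analyze_jpeg(data: bytes) -> dict:
    """Walk the marker segments of `data` and report anything a plain JPEG should not contain.

    Returns {'well_formed': bool, 'findings': [str], 'trailing_bytes': int}.
    """
    findings = []
    if len(data) < 4 or data[0] != 0xFF or data[1] != SOI:
        return {"well_formed": False, "findings": ["missing SOI marker"], "trailing_bytes": 0}
    pos, eoi_at = 2, None
    while pos + 2 <= len(data):
        if data[pos] != 0xFF:
            findings.append(f"expected marker byte 0xFF at offset {pos}")
            break
        marker = data[pos + 1]
        if marker == 0xFF:  # fill bytes may precede a marker
            pos += 1
            continue
        if marker == EOI:
            eoi_at, pos = pos, pos + 2
            break
        if marker in STANDALONE:
            pos += 2
            continue
        if pos + 4 > len(data):
            findings.append(f"truncated length field at offset {pos}")
            break
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])  # length includes its own 2 bytes
        payload = data[pos + 4:pos + 2 + length]
        if length < 2 or len(payload) != length - 2:
            findings.append(f"segment 0xFF{marker:02X} at offset {pos} runs past end of file")
            break
        # COM and APPn segments are free-form text/binary: the usual hiding place for foreign content.
        if marker == COM or 0xE0 <= marker <= 0xEF:
            for token in SUSPICIOUS_TOKENS:
                if token in payload.lower():
                    findings.append(f"token {token!r} inside segment 0xFF{marker:02X} at offset {pos}")
        pos += 2 + length
        if marker == SOS:
            # Entropy-coded data follows. 0xFF is byte-stuffed as 0xFF00 inside it, so the
            # first 0xFFD9 we find really is the EOI marker.
            found = data.find(b"\xff\xd9", pos)
            if found != -1:
                eoi_at, pos = found, found + 2
            break
    if eoi_at is None:
        findings.append("no EOI marker found")
        trailing = 0
    else:
        trailing = len(data) - pos
        if trailing:
            findings.append(f"{trailing} bytes appended after EOI")
    return {"well_formed": not findings, "findings": findings, "trailing_bytes": trailing}


def _segment(marker: int, payload: bytes) -> bytes:
    """Build one length-prefixed segment (test-fixture helper)."""
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload


# Constructed sample 1: a minimal, clean JFIF header followed directly by EOI (no image data).
JFIF_APP0 = b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
CLEAN_JPEG = b"\xff\xd8" + _segment(0xE0, JFIF_APP0) + b"\xff\xd9"

# Constructed sample 2: same header, plus a COM segment carrying markup and bytes appended after EOI.
SUSPECT_JPEG = (b"\xff\xd8" + _segment(0xE0, JFIF_APP0)
                + _segment(COM, b"<script>x</script>")
                + b"\xff\xd9" + b"extra-data-after-eoi")

if __name__ == "__main__":
    for name, blob in (("clean", CLEAN_JPEG), ("suspect", SUSPECT_JPEG)):
        print(name, analyze_jpeg(blob))
```

A check like this belongs at upload time or in an image-proxy, and it complements rather than replaces the real fix the answer hints at: never load image URLs through a `<script>` tag, serve images with the correct `Content-Type` and `X-Content-Type-Options: nosniff`, and re-encode uploaded images so foreign segments and trailing data are dropped.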