[hbhakta]

i heard something about a jpeg virus. how exactly does a jpeg work. i never knew that jpegs contained code in them - i thought it was just a picture. can somebody explain all this to me plz?

[sippin codeine]

First you have a better chance of being struck by lightning than getting hit by one of those, they do exist but are rare, A jpeg file has code in it like any other file, Hackers use a buffer overflow within the code of the file to execute malitious code.

[Iron_Cross]

You can also use stragenography (not sure if that's spelled right) there are programs on the web that will sort of link an exe to a jpeg, making the jpeg it's own virus of sorts. Some people use them to infect people's computers with trojens...since most people are more than willing to look at a picture of something or another.

[winblowz]

Quote:

Originally posted by sippin codeine
First you have a better chance of being struck by lightning than getting hit by one of those, they do exist but are rare, A jpeg file has code in it like any other file, Hackers use a buffer overflow within the code of the file to execute malitious code.

Umm-not true.

There is a hole in the MICROSOFT jpg reader. Hackers/coders can disguise a piece of code as a jpg, so that once it is downloaded they can execute mailious code on your machine-such as a trojan etc. Then they can break in using the specified client or using a cmd line (assuming you know the correct port etc)

Or they can just send in code that completely scrwes up ur comp...


Anyways, I think the problem is with the M$ jpg header reader or something to that effect.

I have a very basic knowledge of what I'm talking about, please correct my if I am incorrect.



AL

[sippin codeine]

Quote:

Originally posted by winblowz
Umm-not true.

There is a hole in the MICROSOFT jpg reader. Hackers/coders can disguise a piece of code as a jpg, so that once it is downloaded they can execute mailious code on your machine-such as a trojan etc. Then they can break in using the specified client or using a cmd line (assuming you know the correct port etc)

Or they can just send in code that completely scrwes up ur comp...


Anyways, I think the problem is with the M$ jpg header reader or something to that effect.

I have a very basic knowledge of what I'm talking about, please correct my if I am incorrect.



AL

Your correct, I wrote that before I saw all those .jpg exploits on symantec. seems its not so rare, but still too rare for me