I am using the libpng- a c library to check the valid .png file. If a file is valid it passes the test. I want to inject shell code in it. How can I craft a .png file, so that it is still a valid image file and also contains some shell code in it. Please tell me how is it possible. Thanks.
Well, AFAIK there is no way to inject code into a png file and execute it. But you can inject your png file into a shell script, and after view it. But you must convince the one you hack to make the png file executable and to open so-called png file through terminal.
The procedure is:
Create a text file, call it executeme.png
Paste the following code into it, note that there shouldn't be any new line at the end of the file.
#!/bin/bash
PNG_FILE=$(mktemp /tmp/hack.XXXXXXX.png)
ARCHIVE=$(awk '/^__ARCHIVE_BELOW__/ {print NR + 1; exit 0; }' $0)
tail -n+$ARCHIVE $0 > "$PNG_FILE"
# whatever you want to do is here!
xdg-open $PNG_FILE
exit 0
__ARCHIVE_BELOW__
Append your original png file using cat injectme.png >> executeme.png.
Make executeme.png executable.
If you run the executeme.png from terminal, the original png file will be shown using the default image viewer, and your injected code will be run.
Note: I don't believe there is someone so stupid to execute that file.
Note2: On Ubuntu, executeme.png cannot be executed from file managers because it's tried to be opened using the file manager due to the png extension. You may rename file executeme.png to execute.\rpng (append a carriage return before png after dot) so at first it looks like a png file, since its extension is not png it will be executed with double click if it's executable. To make that renaming, you may need to use terminal.
Have a good time hacking! :D
Further reading: Linux journal, making installers
Related
I need to export/import my spk file via windows Batch script.
For which I have been referring this document
But this document does not mention how to save the file (I mean with which extension .bat or .sas)
My command:
ExportPackage -profile "SAS_MW_TEST" -package "F:\mypath\Package4.spk" -objects "/_Applications/_05_MW/_01_SAS_MW/_20_Processes/savedesk(Folder)" -subprop -types "Condition,BusinessRuleFlow,ExternalFile,Cube,SearchFolder,Table,GeneratedTransform,OLAPSchema,InformationMap.OLAP,Measure,Column,Job.CubeBuild,Action,Library,MiningResults,DeployedJob,CalculatedMeasure,Hierarchy,InformationMap.Relational,RootFolder,Prompt,Document,ConditionActionSet,DecisionLogic,Dimension,Note,StoredProcess,PromptGroup,Job,OrchestrationJob,MessageQueue,Service.SoapGenerated,Level,SharedDimension,DeployedFlow"
ExportPackage is an executable program that you can run out of a batch file.
Use Notepad or any other text editor (which includes any SAS code editor), place the ExportPackage program command in the editor and use the File/Save As feature to save the file as something like myPackageExporter.bat
If the items in the package are say stored processes whose metadata says the source code is in an file system folder (aka source code repository), you will probably also want to zip up the folder.
This macro can help you prepare the batch script, ready for export: https://core.sasjs.io/mm__spkexport_8sas.html
I'm facing this very strange problem when working with gzip files. I'm trying to download this file https://www.sec.gov/Archives/edgar/daily-index/2014/QTR2/master.20140402.idx.gz
When I view the contents of the file inside the archive, it is perfect.
However when I unzip the contents and try to see them, it is all gibberish.
Is something wrong with the file or am I missing to see anything here?
If I remember correctly, an idx file is a Java file. It can also a plain text archive format, which it is in this case.
On Linux, try running
gunzip master.20140402.idx.gz
This will extract it into an idx file, which you should be able to open with any text reader, such as vi, since vi can open pretty much anything.
On Windows, you can, from the command line, use WinZip, with:
wzunzip -d master.20140402.idx.gz
You can then use something like IE, Edge, or Wordpad to try to examine the file, that should automagically load a readable environment.
EDIT:
So, I downloaded the file, and was able to extract, and view it in vi, IE, and Wordpad, using my above commands, so if you are seeing gibberish, try redownloading it. It should be 104kb in .gz format, and 533 kb extracted.
I am working on a project that uses Huffman algorithm to compress files, and I am doing my project using Java, what I want is to create my own file extension say (.huff) for the compressed file, and when I right click a file if it has the (.huff) extension, I want to add a new option which decompresses it, I searched the web but I did not find anything useful.
Any help would be appreciated.
To set the file extension just use one of the String methods like append(".yourExtension") (append it to the filename) and set as filename. Simple as that.
String filename = filename.append(extension);
To decompress the compressed file, I suggest you write a metod to which you provide a path to file as argument, check if the file extension is correct and then in another method you decompress this file.
There is nothing special about a file extension, it's just a part of the file name. To create a .huff file extension, just add .huff to the end of the file name.
To add the windows context menu, that's explained in the question linked in the comments How can I add a context menu to the Windows Explorer for a Java application?
I would recommend creating a batch script that will launch your program taking in the file to decompress as an argument.
Something similar to:
#echo off
java -cp <path-to-jar> <decompression main class> %1
Adding in any other setup or program arguments you need. Then a registry entry might look like.
HKEY_CLASSES_ROOT\.huff\shell\Decompress huffman encoded file\command
"<path to batch file>" "%1"
I can find plenty of answers on the internet about how to open a specific file, e.g. http://answers.yahoo.com/question/index?qid=20080102230630AAfu5dF
However, I need to provide a way of opening a non-specific file in a program called by a batch file.
To explain, here is an example. The user has a folder with 100 files in with the .xyz extension. He wants to be able to double click on ANY file and open it in his "XYZ Viewer," but to run his XYZ Viewer he needs to run a batch file that alters his registry and then runs the actual XYZ Viewer .exe.
If you select the batch file to be the default program via the "Always use the selected program to open this kind of file" tickbox, it will open the program, but without using the standard Windows function of opening the file that instigating the running of the program.
Is there a way to run the program through the batch file and for it to both run the program and open whichever file it was that instigated the running of the program?
I suspect this is impossible, but any suggestions would be very gratefully received!
Cheers.
Edit:
The program does eventually support opening a file placed as an argument to it.
My code is
reg import c:\regent\31.2.03.reg
start C:\Program\Program.exe
Does the program eventually support opening a file placed as an argument to it? In the example you linked, mspaint opens the first parameter given to it.
If your batch file isn't currently doing this, you will have to edit it to contain the batch parameter(s).
See http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/percent.mspx?mfr=true for some fuller documentation on it.
Essentially you want to add %1 somewhere like:
reg import c:\regent\31.2.03.reg
start C:\Program\Program.exe %1
Is it possible to detect file format and encoding of file using batch files? And if a particular file is not of intended format, throw an error?
As a *nix guy, I'd want to jump for something more powerful than a batch file, such as Python. (or a shell script, but I'm assuming you're using Windows --- you might look into PowerShell, but I've never tried it.)
Unix has a great utility for this sort of thing, it's named file. There appears to be a Windows version here: http://gnuwin32.sourceforge.net/packages/file.htm
Basically, you run file [your filename here] and file spits out a blurb about the file. For example:
$ file zdoom-2.4.1-src.7z
zdoom-2.4.1-src.7z: 7-zip archive data, version 0.3
It's not always right, and it doesn't mean that if file says "this is a JPEG" that the file is actually a JPEG: it could be corrupt, etc.
Also, if I rename the above 7z archive to "foo":
$ file foo
foo: 7-zip archive data, version 0.3
... file will still get it.