[Owasp-Recife] Fwd: [owasppb] Malware Hidden Inside JPG EXIF Headers

Caio Dias caio.dias at owasp.org
Thu Jan 2 00:12:37 UTC 2014


Caso bem curioso, vale a pena dar uma lida.

---------- Forwarded message ----------
From: Ícaro Evangelista Torres <icaro.redes.ifpb at gmail.com>
Date: 2013/12/27
Subject: [owasppb] Malware Hidden Inside JPG EXIF Headers
To: owasppb at googlegroups.com, owasp-paraiba at lists.owasp.org,
segidez at googlegroups.com, hackerspace_jp at googlegroups.com


Muito interessante!

"A few days ago, Peter Gramantik from our research
team<http://labs.sucuri.net/?about> found
a very interesting backdoor on a compromised site. This backdoor didn’t
rely on the normal patterns to hide its content (like base64/gzip
encoding), but stored its data in the EXIF headers of a JPEG image. It also
used the exif_read_data and preg_replace PHP functions to read the headers
and execute itself."

Link do artigo:
http://blog.sucuri.net/2013/07/malware-hidden-inside-jpg-exif-headers.html

-- 

Ícaro Evangelista Torres
Tecnólogo em Redes de Computadores - IFPB
Pós-Graduando em Segurança da Informação - faculdade IDEZ
Skype: icaroetorres

-- 

---
Você está recebendo esta mensagem porque se inscreveu no grupo "OWASP
Paraíba" dos Grupos do Google.
Para cancelar a inscrição neste grupo e parar de receber seus e-mails,
envie um e-mail para owasppb+unsubscribe at googlegroups.com.
Para obter mais opções, acesse https://groups.google.com/groups/opt_out.



-- 
Caio Dias
<https://about.me/caiodias> https://about.me/caiodias
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-recife/attachments/20140101/be1cbb1a/attachment.html>


More information about the Owasp-recife mailing list