Stories
Slash Boxes
Comments

SoylentNews is people

It's 2015 and Your Windows Server Can Still be Pwned by a JPEG

posted by CoolHand on Tuesday April 21 2015, @02:03PM   Printer-friendly
from the a-pictures-worth-a-thousand-lines-of-malware dept.

"gewg_" writes:

El Reg reports

Penetration tester Marcus Murray says attackers can use malicious JPEGs to pop modern Windows servers, to gain expanded privileges over networks.

In a live hack set down for RSA San Francisco this week, the TrueSec boffin shows how he used the hack to access an unnamed US Government agency that ran a buggy photo upload portal.

A key part of the stunt is achieved by inserting active content into the attributes of a jpg image, such that the file name read image.jpg.aspx. "I'm going to try to compromise the web server, then go for back end resources, and ultimately compromise a domain controller," Murray said, adding the hack is not that difficult.
video

This is by no means a new attack vector.

Why are we still dealing with this over ten years later?

 
This discussion has been archived. No new comments can be posted.
It's 2015 and Your Windows Server Can Still be Pwned by a JPEG | Log In/Create an Account | Top | 33 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 4, Insightful) by Anonymous Coward on Tuesday April 21 2015, @03:32PM

    by Anonymous Coward on Tuesday April 21 2015, @03:32PM (#173553)

    Linux servers on their critical systems.

    Starting Score:    0  points
    Moderation   +4  
       Insightful=2, Interesting=2, Total=4
    Extra 'Insightful' Modifier   0  
    Total Score:   4  

  • (Score: 0) by Anonymous Coward on Thursday April 23 2015, @12:32AM

    by Anonymous Coward on Thursday April 23 2015, @12:32AM (#174173)

    LOL word.