Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
If you have some interesting news or want to throw up a link to discuss it, here's the place. Anything is okay, even shameless vendor launches (since that is often applicable to what we work on). 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
HEx Edit+GIMP to find Debug Mode in UPLOAD AVATAR php
Posted by: johndoe
Date: January 28, 2012 07:49PM

HELLO GUYS I WAS EXPERIMENTING AND TAMPERING AROUND WITH A PICTURE AND DOING IMAGE INJECTION.I TOOK OF A HALO PICTURE I SHOT THEN I USED HXD HEX EDITOR AND EMBEDDED PHPINFO CODE INSIDE PIC, AFTER JPEG HEADER, I SAVED IT AS ,PHP,JPEG. THEN I USED GIMP AND CONVERTED THE PICTURE TO BLACK AND WHITE, i saved the file as .php.jpeg,in gimp FUNNY THING IS GIMP OPENS THE FILE AFTER I INSERTED THE PHP CODE in black and white mode, what did i do after this??

well i decided to go to a forum: foro, re vo lu cion al dia.org, checked myself in and uploaded the picture, the site had no problems uploading the picture to my surpise i got an error:


HERE ARE THE PICS, HALO, INJECTED IMAGE WITH HXD EDITOR AND THE ERROR ON FORUM:






RESULTS AFTER UPLOADING PICTURE IN THE FORUM, THIS IS AFTER UPLOADP:


Options: ReplyQuote
Re: HEx Edit+GIMP to find Debug Mode in UPLOAD AVATAR php
Posted by: thrill
Date: January 29, 2012 10:47PM

I THINK PICTURE MESSED UP YOUR CAPSLOCK KEY.. CAN'T SEE ANY OTHER ISSUES BESIDES THAT.

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Options: ReplyQuote
Re: HEx Edit+GIMP to find Debug Mode in UPLOAD AVATAR php
Posted by: Skyphire
Date: June 18, 2012 05:54PM

Yes? it didn't work. here's why:

216      switch ($type)
 217      {
 218          // GIF
 219          case 1:
 220              if ($imgtype != '.gif')
 221              {
 222                  @unlink($tmp_filename);
 223                  message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
 224              }
 225          break;
 226  
 227          // JPG, JPC, JP2, JPX, JB2
 228          case 2:
 229          case 9:
 230          case 10:
 231          case 11:
 232          case 12:
 233              if ($imgtype != '.jpg' && $imgtype != '.jpeg')
 234              {
 235                  @unlink($tmp_filename);
 236                  message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
 237              }
 238          break;
 239  
 240          // PNG
 241          case 3:
 242              if ($imgtype != '.png')
 243              {
 244                  @unlink($tmp_filename);
 245                  message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
 246              }
 247          break;
 248  
 249          default:
 250              @unlink($tmp_filename);
 251              message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
 252      }

Options: ReplyQuote


Sorry, only registered users may post in this forum.