Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • January 3, 2025 at 1:39 am #203546
    maleek zain
    Participant

    Hi Mr Diego, Hope you’ve been good?

    I have some issue while completing some of my task to catch a bug, I suspect an endpoint is not properly sanitizing upload img so I did some research then I see the one of many ways to exploit this is by embedding a script in the uploaded img and it gets trigger as soon as the img is open on the other side. I’m almost done with this but where I’m stuck at is the embedding malicious content to the img, pls make this clear to me sir. Thanks.

    January 3, 2025 at 8:48 pm #203571
    Diego PérezDiego Pérez
    Moderator

    Hi!
    It all depends on the malicious content you are talking about, if it is a script, shellcode, bytes, etc. With the content type in mind, you can do a google search about how to embed certain type of data to an image.

    Greetings!
    Diego

  • Author
    Posts
Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.
Privacy Overview
ZSecurity logo featuring a stylized red letter Z

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

3rd Party Cookies

This website uses Google Analytics and Linkedin to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping this cookies enabled helps us to improve our website.

Powered by  GDPR Cookie Compliance