Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • January 3, 2025 at 1:39 am #203546
    maleek zain
    Participant

    Hi Mr Diego, Hope you’ve been good?

    I have some issue while completing some of my task to catch a bug, I suspect an endpoint is not properly sanitizing upload img so I did some research then I see the one of many ways to exploit this is by embedding a script in the uploaded img and it gets trigger as soon as the img is open on the other side. I’m almost done with this but where I’m stuck at is the embedding malicious content to the img, pls make this clear to me sir. Thanks.

    January 3, 2025 at 8:48 pm #203571
    Diego PérezDiego Pérez
    Moderator

    Hi!
    It all depends on the malicious content you are talking about, if it is a script, shellcode, bytes, etc. With the content type in mind, you can do a google search about how to embed certain type of data to an image.

    Greetings!
    Diego

  • Author
    Posts
Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.