Polyglot Files

We learned about magic numbers in the last assignment, now let's learn about some funk things we can do because of this. The essence of hacking is that there is a system, we understand the system, and then we do something awesome with it.

Here we are going to make a polyglot file that can be opened as a .gif or as a .jar by taking advantage of how the OS tries to open files.

Use this link to help create the jar file https://github.com/macagua/example.java.helloworld.

Then make your own hello world gifar using the information in this Stackoverflow answer. a href="https://security.stackexchange.com/questions/116819/beside-gifar-are-there-any-other-known-polyglot-files" target="_blank"https://security.stackexchange.com/questions/116819/beside-gifar-are-there-any-other-known-polyglot-files</a>.

While you are learning about polyglot files, you should learn about POC || GTFO. a href="https://hackaday.com/2017/08/14/bibles-you-should-read-poc-gtfo/" target="_blank"https://hackaday.com/2017/08/14/bibles-you-should-read-poc-gtfo/</a>. They are very entertaining, though highly advanced.

Download a href="https://github.com/rrbranco/poc_gtfo/blob/master/pocorgtfo07.pdf" target="_blank"https://github.com/rrbranco/poc_gtfo/blob/master/pocorgtfo07.pdf</a> and go read Chapter 6. It will open your mind to what is possible, and like all good pieces of education, will mostly serve to teach you how little you know.

For your assignment, write up why the .gifar works.

Hoppers Roppers 2024            Date: 2024-02-25 22:05:39

results matching ""

    No results matching ""