Mixing File Types
by mjw on Aug. 01, 2008
I just stumbled across an interesting article about an upcoming talk at BlackHat. They dub the technique “GIFAR”: a Java file is renamed as a GIF, but it still executes as a JAR.
CyberWART and G2 have used similar techniques. One of my favorites is to create an HTML file and rename it with a .doc extension. The file will open and, if done correctly, will look exactly like an MS Word document. However, there are a couple of nice perks.
First, some HTML commands will work. You can embed a hotlink to an image on the web. The computer will automatically pull it. This is useful for SPAM and such.
Additionally, you can embed ActiveX. The ActiveX will autoexecute in the context of the localhost — which is lovely. We’ve been fuzzing those controls.
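For anyone filtering uploads or mail attachments, here is a check for the mismatches described above, as an added example that is not code from the original post. The function name `check_file`, the finding labels and the sample bytes are assumptions made up for illustration, and the ZIP-trailer test goes beyond the plain rename case by also catching a GIF with an archive appended to it.

```python
import re

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy binary .doc container
GIF_MAGICS = (b"GIF87a", b"GIF89a")
ZIP_LOCAL = b"PK\x03\x04"  # ZIP/JAR local file header
ZIP_EOCD = b"PK\x05\x06"   # ZIP/JAR end-of-central-directory record

HTML_START = re.compile(rb"^\s*(?:<!doctype\s+html|<html|<head|<body)", re.I)
REMOTE_IMG = re.compile(rb"<img\b[^>]*\bsrc\s*=\s*[\"']?https?://", re.I)
OBJECT_TAG = re.compile(rb"<object\b[^>]*\bclassid\s*=", re.I)


def check_file(filename: str, data: bytes) -> list[str]:
    """Return findings where the content disagrees with the claimed extension."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    head = data.lstrip(b"\xef\xbb\xbf")[:1024]  # ignore a UTF-8 BOM
    findings = []

    if ext == "doc" and not data.startswith(OLE2_MAGIC):
        if HTML_START.match(head):
            findings.append("html-as-doc")
            if REMOTE_IMG.search(data):   # image fetched from the web on open
                findings.append("remote-image")
            if OBJECT_TAG.search(data):   # embedded ActiveX control
                findings.append("activex-object")
        else:
            findings.append("doc-magic-mismatch")

    if ext == "gif":
        if data.startswith(ZIP_LOCAL):
            findings.append("zip-as-gif")  # archive that was simply renamed
        elif not data.startswith(GIF_MAGICS):
            findings.append("gif-magic-mismatch")
        # ZIP readers locate the archive from the end of the file, so an EOCD
        # record in the last 64 KiB + 22 bytes means it may also load as a JAR.
        elif ZIP_EOCD in data[-(65535 + 22):]:
            findings.append("gif-with-zip-trailer")
    return findings


# Constructed samples, not real files.
SAMPLE_HTML_DOC = (b'<html><body><p>Quarterly report</p>'
                   b'<img src="http://example.invalid/a.png">'
                   b'<object classid="clsid:00000000-0000-0000-0000-000000000000">'
                   b'</object></body></html>')
SAMPLE_REAL_DOC = OLE2_MAGIC + b"\x00" * 64
SAMPLE_GIF = b"GIF89a" + b"\x00" * 32
SAMPLE_GIF_ZIP = SAMPLE_GIF + ZIP_LOCAL + b"x" * 16 + ZIP_EOCD + b"\x00" * 18
```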
August 2nd, 2008 on 6:01 am
AWESOME STUFF
thanks so much
August 5th, 2008 on 8:13 am
Prove it. For spamming a site and having very little to say, you do sound pretty stupid. There are security features like Security Settings for AX controls in Word. And the same goes for the HTML pull down, it only allows picture pull downs on trusted or “ok’d” docs…. So if you click OK, it's your own stupid fault.