Just because you can upload a file doesn't mean the server will parse it in a way that would compromise it. That's not how it works. There's a reason why most of your examples are around exploiting php applications.
On Oct 10, 2017 9:20 AM, "Stealth Mode" <[email protected]> wrote: > Another set of examples.... > > https://securelist.com/png-embedded-malicious-payload- > hidden-in-a-png-file/74297/ > > https://phocean.net/2013/09/29/file-upload-vulnerabilities-appending-php- > code-to-an-image.html > > http://www.hackingarticles.in/5-ways-file-upload- > vulnerability-exploitation/ > > https://www.owasp.org/index.php/Server-Side_Includes_(SSI)_Injection > > Really good book on image file injections... > > https://books.google.com/books?id=lG_XdxA5LRUC&pg=PA21&; > lpg=PA21&dq=image+file+injection+compromsing+server& > source=bl&ots=E_qdLyJY3C&sig=8BSYFi3AukgoccEcujtnrdeoR4Y& > hl=en&sa=X&ved=0ahUKEwiG58epn-bWAhVi_IMKHcaqD5YQ6AEIWTAH#v= > onepage&q=image%20file%20injection%20compromsing%20server&f=false > > On Tue, Oct 10, 2017 at 5:19 AM, Saint K. <[email protected]> > wrote: > >> Do you have a POC? >> >> >> * From: * Stealth Mode <[email protected]> >> * To: * <[email protected]> >> * Sent: * 10/10/2017 12:44 AM >> * Subject: * Re: [Csgo_servers] Custom files exploit >> >> Yes, IT skills. Electronics skills. And old school knowledge of how to >> inject image files with malicious code (NetSec/ITSec). This is an older >> style of "hacking". Remember those warnings about clicking download >> attachments from the 90s onward? Same thing still applies. Except, there is >> no detection for any hlds/go server, so an injected image can contaminate a >> server cache. Which in turn will infect clients. Any image file, any data >> file really, can be modified like this. Willing to bet good money those >> $500. go weapon skins have hack code scripted and injected into the image. >> >> >> On Mon, Oct 9, 2017 at 11:59 AM, iNilo <[email protected]> wrote: >> >> Sure, >> >> But you have anything to back this up? (don't take it the wrong way) >> >> Nilo. >> >> 2017-10-09 16:54 GMT+02:00 Stealth Mode <[email protected]>: >> >> Headsup admins/owners. Might want to disable custom files till valve >> addresses this issue brought to their attention a month ago. >> There is an exploit where any client with minor skill can inject custom >> files with all types of malicious code. From hacks in weapon skins, to >> ransomware in custom .bsp, to remote backdoors in custom spray paints. >> >> The exploit is injecting code into any image, sound, or data file. You >> can take weapon skins (csgo), sound files, spray paint image files, even >> .bsp/etc. and inject hack code, or actual ransomware, viruses, or >> Trojans/rootkits directly into a server cache, or client cache via the >> custom file. >> >> Might want to disable custom files till valve decides to correct this >> issue. >> >> -StealthMode >> >> _______________________________________________ >> Csgo_servers mailing list >> [email protected] >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >> >> >> >> _______________________________________________ >> Csgo_servers mailing list >> [email protected] >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >> >> >> >> >> _______________________________________________ >> Csgo_servers mailing list >> [email protected] >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >> >> >> _______________________________________________ >> Csgo_servers mailing list >> [email protected] >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >> > > > _______________________________________________ > Csgo_servers mailing list > [email protected] > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >
_______________________________________________ Csgo_servers mailing list [email protected] https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
