Actually my information is grounded in fact and 100% replicatable if you know the field. I've listed a few resources to educate yourself. Please refrain from speaking if you do not have an education in ITSec.
https://books.google.com/books?id=0OlIT9eEEsoC&pg=PA193&lpg=PA193&dq=image+file+injection+compromsing+server&source=bl&ots=vGZbN7Qhsb&sig=3CbPAaU8hPbmqemmMXQ4kZXoI2E&hl=en&sa=X&ved=0ahUKEwiG58epn-bWAhVi_IMKHcaqD5YQ6AEIYDAJ#v=onepage&q=image%20file%20injection%20compromsing%20server&f=false The links I've provided are just a few examples. Anyone can make a custom image file (weapon skin, or spray paint, or wad in a .bsp) inject code into it, and use your server, and clients connected to it to launch whatever code they want. In the links provided, these are image files used to inject code into web servers once the image is loaded. Meaning, once a spray is sprayed, or a client uses x weapon skin through GO market. Once sent to server/client cache, it then executes spraying a benign image, or rendering a benign looking skin, while behind the scenes it is also executing code. Now most of these script kiddies probably are just using the images to run hacks, which yes they can be just that benign. However, more sophisticated hackers can also use this to compromise entire networks, backbones, etc. On Mon, Oct 9, 2017 at 8:28 PM, devu4 <[email protected]> wrote: > This is such a pointless thread, no proof and a big headed clueless guy > coming out with irrelevant crap! > > > > -- > Sent from: http://csgo-servers.1073505.n5.nabble.com/ > > _______________________________________________ > Csgo_servers mailing list > [email protected] > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >
_______________________________________________ Csgo_servers mailing list [email protected] https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
