How to upload files to a forum that does not support file upload - vulnerability warning - the Black Bar Safety Net

2006-05-14T00:00:00
ID MYHACK58:6220069064
Type myhack58
Reporter Anonymous
Modified 2006-05-14T00:00:00

Description

How can you upload a file to a forum that does not support file upload? There is one prerequisite: the forum must allow pictures to be uploaded. The most commonly used picture format is JPEG, which uses FFD9 as its end-of-file marker; whatever is stored after that marker is ignored, so we can attach the file we want to upload after it without affecting how the picture displays. BMP also works, because this format has a field that stores the file size, and once the size is determined, whatever follows is likewise ignored. More generally, for any format with an end-of-file marker or something equivalent to one, such as the size field in BMP, appending data to the file does not affect the original file.
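The same structure lets a forum's upload handler notice such files. The following C is an added example, not part of the original post or its tool: it walks the JPEG marker stream to the real end-of-image marker (a plain search for the first FF D9 can stop inside an embedded thumbnail) and compares the size recorded in a BMP header with the actual length. The function names and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Bytes found after the JPEG EOI marker (FF D9); -1 if the buffer is not a
   well-formed JPEG marker stream. Walks segments instead of searching for
   the first FF D9, which can sit inside an embedded thumbnail. */
long jpeg_trailing_bytes(const uint8_t *b, size_t n)
{
    if (n < 4 || b[0] != 0xFF || b[1] != 0xD8) return -1;      /* SOI */
    size_t i = 2;
    while (i + 1 < n) {
        if (b[i] != 0xFF) return -1;             /* a marker must start here */
        uint8_t m = b[i + 1];
        if (m == 0xFF) { i++; continue; }        /* fill byte before a marker */
        i += 2;
        if (m == 0xD9) return (long)(n - i);     /* EOI: the rest is appended */
        if (m == 0x01 || (m >= 0xD0 && m <= 0xD7)) continue;  /* no length */
        if (i + 2 > n) return -1;
        size_t seg = ((size_t)b[i] << 8) | b[i + 1];  /* length counts itself */
        if (seg < 2 || i + seg > n) return -1;
        i += seg;
        if (m == 0xDA)                           /* SOS: skip entropy-coded data */
            while (i + 1 < n && !(b[i] == 0xFF && b[i + 1] != 0x00 &&
                                  !(b[i + 1] >= 0xD0 && b[i + 1] <= 0xD7)))
                i++;                             /* FF00 and RSTn are data */
    }
    return -1;                                   /* ran out before EOI */
}

/* Bytes beyond the size recorded in the BMP file header (offset 2, LE). */
long bmp_trailing_bytes(const uint8_t *b, size_t n)
{
    if (n < 14 || b[0] != 'B' || b[1] != 'M') return -1;
    size_t declared = b[2] | (size_t)b[3] << 8 | (size_t)b[4] << 16 | (size_t)b[5] << 24;
    if (declared < 14 || declared > n) return -1;
    return (long)(n - declared);
}

/* Constructed samples (marker skeletons, not real pictures). */
static const uint8_t JPEG_SAMPLE[] = {
    0xFF,0xD8, 0xFF,0xE1,0x00,0x06,0xFF,0xD8,0xFF,0xD9,      /* SOI, APP1 w/ inner FFD9 */
    0xFF,0xDA,0x00,0x02, 0x12,0xFF,0x00,0x34,0xFF,0xD0,0x56, /* SOS + scan data */
    0xFF,0xD9, 'R','a','r','!' };                            /* EOI + 4 appended */
static const uint8_t BMP_SAMPLE[] = {
    'B','M', 14,0,0,0, 0,0,0,0, 14,0,0,0, 'x','y','z' };     /* size=14 + 3 appended */
```

A result greater than zero means data follows the image. Re-encoding the picture on upload discards such data, which is the same effect the post's note about saving in another format describes.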

Based on the above principle, I created a packaging tool: first put the picture in, then put in the files you want to upload, and upload the resulting stuffed picture. Other people download this picture and then use the tool to get the files out.

I made this tool just to upload some small files; I hope you will not abuse it. In fact, the tool can also be used for packaging files, and it can be used to convey hidden messages: for example, you can put a love letter in your own photo and give it to XX, though there is no telling when XX will see it.

To extract this tool from the picture below, I hope you can read the following code; of course, it also runs if copied directly. Remember to copy the picture into the directory of the compiled executable and to give it the right name.

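The code:

    #include <windows.h>
    #include <tchar.h>

    /* Number of bytes to extract, and the offset in lookinside.jpg at which reading starts. */
    const DWORD size = 25063;
    const DWORD startPos = 3235;

    int main()
    {
        /* Open the picture for reading and the output archive for writing. */
        HANDLE hrFile = CreateFile(_T("lookinside.jpg"), GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
        HANDLE hwFile = CreateFile(_T("PackFiles.rar"), GENERIC_WRITE, FILE_SHARE_WRITE, NULL, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
        if (hrFile == INVALID_HANDLE_VALUE || hwFile == INVALID_HANDLE_VALUE)
            return 1;

        /* Skip the picture data, and truncate any existing output file. */
        SetFilePointer(hrFile, startPos, NULL, FILE_BEGIN);
        SetEndOfFile(hwFile);

        char buf[size];
        DWORD rb, wb;
        ReadFile(hrFile, buf, size, &rb, NULL);
        WriteFile(hwFile, buf, rb, &wb, NULL);   /* write only the bytes actually read */

        CloseHandle(hrFile);
        CloseHandle(hwFile);
        return 0;
    }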


http://blog.csdn.net/images/blog_csdn_net/happycock/lookinside.jpg
happycock, published 2006-04-04 12:02 AM

Note that saving the picture with IE sometimes causes problems, such as the picture being saved in another format; when the format is converted, the content after the picture is lost. Therefore, it is best to use a download tool to save this picture.

jzps: an interesting encrypted transmission. For related material, see http://www.eviloctal.com/forum/htm_data/20/0601/18345.html