[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How do you guys handle PNG/JPG binary files with potential payloads for all the image viewers?

Davide Prina <Davide.Prina@null.net> writes:
> Corey H wrote:
>> how do you guys test all of the potential PNG/JPG potential malware payloads

What's your use-case? As I'm not aware of an vector for GNU/Linux in
normal everyday use¹, I guess you host files for Windows clients?

Did anyone mention ClamAV already? If so, please ignore me (sorry for
not following closely...).

 - Sebastian

¹ One can execute every file on GNU/Linux. But the attack is that
execution of a file, not the file (otherwise we'd have to consider `rm',
`gpg', `scp', and many more malware, too).

As I was walking down Stanton Street early one Sunday morning, I saw a
chicken a few yards ahead of me.  I was walking faster than the chicken,
so I gradually caught up.  By the time we approached Eighteenth Avenue,
I was close behind.  The chicken turned south on Eighteenth.  At the
fourth house along, it turned in at the walk, hopped up the front steps,
and rapped sharply on the metal storm door with its beak. After a
moment, the door opened and the chicken went in.

                      (Linda Elegant in "True Tales of American Life")

Reply to: