Encoding a SHELL into a PNG image

Encoding a SHELL into a PNG image

To compromise a system in its entirety sending or uploading a SHELL and executing it is a dream for every attacker. But with the availability of filter at server side it is essential to hide the SHELL in an appropriate manner. The below flow diagram illustrates the process which can be used to configure a SHELL in a PNG image and would bypass majority of filters at server side.

Rate this article: 
5
Average: 5 (1 vote)
Article category: 

Comments

@Prafull - pls let us know the ways to withstand  or get away with this vulnerability....

One security measure is to use system generated file names instead of the file names supplied by user.

Pages