[Full-Disclosure] Quick JPEG/GDI test & fix (timesaver)

From: GuidoZ (uberguidoz_at_gmail.com)
Date: 10/07/04

  • Next message: RandallM: "Re: [Full-Disclosure] House approves spyware legislation"
    To: full-disclosure@lists.netsys.com
    Date: Wed, 6 Oct 2004 15:53:32 -0700
    
    

    Hello list,

    I wrote a very simple program/batch file that tests for the JPEG
    exploit, then if affected, provides instructions on how to patch the
    exploit. It has been tested on my own lil happy lab network, as well
    as one one network where I'm a sysadmin. (Tested on Windows XP Home
    and Pro, SP1a and SP2.)

    It DOES test for the exploit by attempting to use an "infected" JPG
    which downloads the instructions for fixing it, if exploited. By
    viewing the strings in the JPG, you can see the file it downloads and
    check it out for yourself. It's clean. =) Just contains a batch file
    and a program to launch the batch file. (The file that gets downloaded
    is a simple SFX.) Links are below. It contains a warning saying it's
    about to try to exploit the system and to save data in open programs.
    (It also warns that Explorer may crash.)

    I wrote this merely to save myself time and allow friends/family to
    test their own systems, then patch them without having to call me for
    help. It's not been tested in every environment and in every scenario.
    If you find a problem, feel free to email me (exploit _AT_ guidoz
    _DOT_ com) Obviously I'm not responsible if it's abused somehow, or if
    it breaks something, etc. Feel free to modify it to suit your own
    needs, but use it at your own risk.

    Test can be downloaded from here: http://www.guidoz.com/exploit-test.exe

    Again, it's just an SFX archive with a batch file. Hopefully it will
    save someone else some time. I've used it to have friends/family (and
    a few clients) patch a total of around 30 machines without problems.

    --
    Peace. ~G
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
    

  • Next message: RandallM: "Re: [Full-Disclosure] House approves spyware legislation"

    Relevant Pages

    • Quick JPEG/GDI test & fix (timesaver)
      ... I wrote a very simple program/batch file that tests for the JPEG ... exploit, then if affected, provides instructions on how to patch the ... which downloads the instructions for fixing it, ...
      (Security-Basics)
    • [VulnWatch] Quick JPEG/GDI test & fix (timesaver)
      ... I wrote a very simple program/batch file that tests for the JPEG ... exploit, then if affected, provides instructions on how to patch the ... which downloads the instructions for fixing it, ...
      (VulnWatch)
    • [Full-Disclosure] RE: Full-Disclosure digest, Vol 1 #1955 - 19 msgs
      ... I wrote a very simple program/batch file that tests for the JPEG ... which downloads the instructions for fixing it, ... feel free to email me (exploit _AT_ guidoz ...
      (Full-Disclosure)
    • Re: floating check boxes on web pages
      ... patch, I realize that is what it is called, but when I ... you want me to send the Publisher file for you to review - ... >> search on MS downloads, ...
      (microsoft.public.publisher.webdesign)
    • Re: Switching Identities
      ... "OE5.5 Roll Up" (aka Cumulative Patch) Q328389, and most of the DLL files ... > identity 1 but downloads the messages for identity 2. ... >> ~Robear Dyer ... >>> vanishing when I switch identities and then needing to ...
      (microsoft.public.windows.inetexplorer.ie6_outlookexpress)