funsec mailing list archives
Re: Format of embedded graphics
From: Barrie Dempster <barrie () reboot-robot net>
Date: Thu, 29 Dec 2005 14:53:00 +0000
On Thu, 2005-12-29 at 16:12 +0200, Gadi Evron wrote:
nodialtone wrote:
Really? Then why did I just get that image just fine? Gimp opens it up just fine.
Hmm. Images are not html. I think. :P
I saw some HTML with an embedded image on my end, HTML definitely got through.

Email source (excluding the headers and image):

This is a multi-part message in MIME format.

--===============1587616502==
Content-Type: multipart/related;
    boundary="----=_NextPart_000_057D_01C60C52.DCB02220"

This is a multi-part message in MIME format.

------=_NextPart_000_057D_01C60C52.DCB02220
Content-Type: multipart/alternative;
    boundary="----=_NextPart_001_057E_01C60C52.DCB02220"

------=_NextPart_001_057E_01C60C52.DCB02220
Content-Type: text/plain;
    charset="US-ASCII"
Content-Transfer-Encoding: 7bit

Most of you, I suspect, read e-mail as plain text. For experimental purposes this message is sent as HTML with a graphic embedded with a question

<outbind://218-000000005384F517C8AD9748884180DED30A6CDAA4615401/http://www.l
arryseltzer.com/testimage.gif>

This graphic was a non-malicious WMF file that I renamed .GIF and embedded.

So what happens to the format of such a graphic when embedded in an HTML e-mail? Is it forced to GIF or JPG, or is it perhaps still a WMF and potentially malicious?

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.ziffdavis.com/seltzer
Contributing Editor, PC Magazine
larryseltzer () ziffdavis com

------=_NextPart_001_057E_01C60C52.DCB02220
Content-Type: text/html;
    charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE></TITLE>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3DUS-ASCII">
<META content=3D"MSHTML 6.00.2900.2802" name=3DGENERATOR></HEAD>
<BODY><!-- Converted from text/plain format -->
<P><FONT size=3D2>Most of you, I suspect, read e-mail as plain text. For =
experimental purposes this message is sent as HTML with a graphic =
embedded with=20
a question</FONT></P>
<P><FONT size=3D2><IMG=20
src=3D"outbind://218-000000005384F517C8AD9748884180DED30A6CDAA4615401/htt=
p://www.larryseltzer.com/testimage.gif"></FONT></P>
<DIV><FONT size=3D2><FONT face=3DArial color=3D#0000ff>This graphic was =
a=20
non-malicious WMF file that I renamed .GIF and embedded. =
</FONT></FONT></DIV>
<DIV><FONT size=3D2><FONT face=3DArial =
color=3D#0000ff></FONT></FONT> </DIV>
<DIV><FONT size=3D2><FONT face=3DArial color=3D#0000ff>So what happens =
to the format=20
of such a graphic when embedded in an HTML e-mail? Is it forced to GIF =
or JPG,=20
or is it perhaps still a WMF and potentially =
malicious?</FONT><BR><BR>Larry=20
Seltzer<BR>eWEEK.com Security Center Editor<BR><A=20
href=3D"http://security.eweek.com/">http://security.eweek.com/</A><BR><A =
href=3D"http://blog.ziffdavis.com/seltzer">http://blog.ziffdavis.com/selt=
zer</A><BR>Contributing=20
Editor, PC =
Magazine<BR>larryseltzer () ziffdavis com<BR></DIV></FONT></BODY></HTML>

------=_NextPart_001_057E_01C60C52.DCB02220--

------=_NextPart_000_057D_01C60C52.DCB02220
Content-Type: image/gif;
    name="testimage.gif"
Content-Transfer-Encoding: base64
Content-Location: http://www.larryseltzer.com/testimage.gif

--
With Regards..
Barrie Dempster (zeedo) - Fortiter et Strenue

"He who hingeth aboot, geteth hee-haw" Victor - Still Game

blog: http://reboot-robot.net
sites: http://www.bsrf.org.uk - http://www.security-forums.com
ca: https://www.cacert.org/index.php?id=3
Attachment: smime.p7s
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
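Added example, not part of the original thread or of any poster's message: a mail-filter style check for the case discussed above, where an image part is labelled image/gif and named .gif but may carry other bytes. It decodes each image part and compares the declared subtype with the format named by the leading bytes. The function names, the signature table and the sample message are assumptions constructed for illustration.

```python
import base64
from email import message_from_bytes

# Leading-byte signatures for the formats named in the thread, plus PNG.
SIGNATURES = [
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
    (b"\xff\xd8\xff", "jpeg"),
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"\xd7\xcd\xc6\x9a", "wmf"),  # placeable WMF key 0x9AC6CDD7, little-endian
    (b"\x01\x00\x09\x00", "wmf"),  # standard WMF header: type 1, header size 9 words
    (b"\x02\x00\x09\x00", "wmf"),  # standard WMF header: type 2, header size 9 words
]

def sniff(data):
    """Name the format from the leading bytes, ignoring any file name or label."""
    for magic, kind in SIGNATURES:
        if data.startswith(magic):
            return kind
    return "unknown"

def mismatched_images(raw_message):
    """List (name, declared type, sniffed format) for image parts whose bytes disagree."""
    findings = []
    for part in message_from_bytes(raw_message).walk():
        if part.get_content_maintype() != "image":
            continue
        actual = sniff(part.get_payload(decode=True) or b"")
        if actual != part.get_content_subtype():
            findings.append((part.get_filename(), part.get_content_type(), actual))
    return findings

def _image_part(name, data):
    # Constructed MIME part, always labelled image/gif like the one in the thread.
    body = base64.encodebytes(data).decode("ascii")
    return ('--BOUNDARY\r\nContent-Type: image/gif; name="%s"\r\n'
            "Content-Transfer-Encoding: base64\r\n\r\n%s" % (name, body))

# Constructed sample: a real GIF header, and a bare placeable-WMF header (not a
# renderable metafile) carried under the same image/gif label.
SAMPLE = ('MIME-Version: 1.0\r\nContent-Type: multipart/related; boundary="BOUNDARY"\r\n\r\n'
          + _image_part("real.gif", b"GIF89a\x01\x00\x01\x00\x00\x00\x00;")
          + _image_part("testimage.gif", b"\xd7\xcd\xc6\x9a" + b"\x00" * 18)
          + "--BOUNDARY--\r\n").encode("ascii")

if __name__ == "__main__":
    for finding in mismatched_images(SAMPLE):
        print("label/content mismatch:", finding)
```

The signature table covers only the formats named here; a part whose bytes match none of them is reported as "unknown" rather than passed.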