Topic: Exploit In Jpg, Worth Trying? (Read 97 times)

raygod · « **on:** December 30, 2006, 04:45:00 AM »

I was reading that pinned post about what capabilities the xbox 360 console has. Talks about movies, blah blah, music, mp3 and also viewing of certain image file types and one of them is JPEG's.

Will this be of any use?

http://www.microsoft.com/technet/security/...n/MS04-028.mspx

tonemgub · « **Reply #1 on:** December 30, 2006, 02:36:00 PM »

How to do this: Hide Files in a .jpeg

SRI-Sajuuk · « **Reply #2 on:** December 31, 2006, 12:02:00 AM »

Well, first, that Hyper-thing M$ put in the 360 prevents any buffer overflow in the system....

And secondly, the hiding files in the JPG is a neat trick, but theres no way the 360 will even look at that part of the file, once it hits the JPG file footer...its done...wont load anymore.

although, we're pointed in the right direction...i think this is our way in through the media streaming system or the dashboard media loaders

(IMG:style_emoticons/default/pop.gif)

This post has been edited by SRI-Sajuuk: Dec 31 2006, 08:03 AM

No_Name · « **Reply #3 on:** December 31, 2006, 12:54:00 AM »

Why dont you try it yourself then come back and let us know what happens.

Personally I highly dount it would work given its a known exploit also the way if its not signed it wont run the 360 even then as its not a PC the 360 would ignore the explot section of the file anyway

SRI-Sajuuk · « **Reply #4 on:** December 31, 2006, 12:56:00 PM »

Yeah, No name is right, the 360 would ignore the exploit portion of the file, or ignore it altogether....

Damn you M$!

FrEaKsHoW12390 · « **Reply #5 on:** December 31, 2006, 01:24:00 PM »

QUOTE(SRI-Sajuuk @ Dec 31 2006, 01:27 PM)

Yeah, No name is right, the 360 would ignore the exploit portion of the file, or ignore it altogether....

Damn you M$!

^^^^^^^
is that a good thing

Author Topic: Exploit In Jpg, Worth Trying? (Read 97 times)