General Community > Chit Chat

How can an image be a security risk?

(1/3) > >>

BigMike:
Hello SMF,

Sorry if this has been asked, it was difficult to search for this and couldn't find what I was after.

Simple n00b question: How can an image be a security risk?

I have disabled the "Re-encode potentially dangerous image attachments" feature (index.php?action=admin;area=manageattachments;sa=attachments) and am wondering why this is needed in the first place?

I understand if it is a PHP script that is uploaded, and then [ img ]...attachement...[ /img ] is used in a post, but in my list of "Allowed attachment extensions" I'm only allowing image files (jpg,gif,png,jpeg,bmp).

Is it possible to include PHP code in a GIF image for instance, that can be exploited with the [ img ] tag ? Or perhaps changing the extension of a PHP file to that of an image ?

Thanks for the enlightenment :D

Regards,
BigMike

Arantor:
Firstly, it is possible to encode HTML or even Flash into images - there are certain browsers that will ignore the details provided and actually process an image as an HTML or Flash object, which is a malware vector.

Secondly, yes, there are situations where in theory PHP files could be uploaded masquerading as images.

Kindred:
it actually was a known vector of a widespread hack...  spanned more than just SMF, too...

BigMike:
Thank you for the information guys :)

So does the "Re-encode potentially dangerous..." feature scan every uploaded file for any HTML/Flash/PHP/etc code, and only take action if something is found?

I was just looking through all my forum settings and came across this and was wondering how important it really is. I suppose my biggest concern is the loss of an animated GIF (if it is re-encoded as a PNG), but that's a small price to pay for enhanced security.

Thanks!
Mike

Arantor:
It scans everything and attempts to re-encode in the event of an issue.

There are two real issues: the first is the loss of animation, the second is if the original is a JPEG and the result PNG will be much larger.

Navigation

[0] Message Index

[#] Next page

Go to full version