Hackers of India

Hacking with Images - Evil Pictures

 Saumil Shah 


Presentation Material

Hacking with Pictures - Hack.LU 2014 from Saumil Shah


This talk is put together with bits and pieces of my research in advanced exploit delivery mechanisms. What you see on your browser may not always be a pretty picture. In this talk, we explore how images can be used as active exploits. By shifting evil payloads to images, it is possible to defeat even the most sophisticated systems of threat detection. We shall see how exploits can be encoded in image pixels, executing Javascript through images, and lastly how vector images are being used in browser heap memory manipulation.