My favorite use of cat is hiding malware in images and gifs. Don’t worry, I’ve never actually deployed any malware over social media, I just know how to use cat (and a few other things) to do it.
The technique is called steganography, and the product is called stegomalware. The payload is concealed as part of some legitimate file, like the pixel data of an image file. It requires the reader software on the targeted system to already be infected, or to have a vulnerability that the payload can exploit.
My favorite use of
catis hiding malware in images and gifs. Don’t worry, I’ve never actually deployed any malware over social media, I just know how to usecat(and a few other things) to do it.Any writeup about how this works?
The technique is called steganography, and the product is called stegomalware. The payload is concealed as part of some legitimate file, like the pixel data of an image file. It requires the reader software on the targeted system to already be infected, or to have a vulnerability that the payload can exploit.
Low Level video: https://www.youtube.com/watch?v=89ysXVYH2Sk (one more reason to hate Webp)
Quick example by John Hammond: https://www.youtube.com/watch?v=JBIbL8zwZOs