ghacks Technology News

New Attack: Combine Files With Jar Scripts

A new attack, dubbed Gifar by its creators after the two file types they combined to build it (GIF and JAR), was mentioned in a Black Hat sneak preview article over at ZDNet. The preview did not reveal everything, but it did mention that the developers were able to combine two file types, such as the GIF and JAR files named above, so that the first file, the container, is shown normally in the browser while the Java applet is executed at the same time.

Many file and image hosts filter dangerous file types. If you tried to upload a JAR file to most of them, you would get an error message stating that the file type is not supported. Many, however, do not analyze the file itself and simply reject files based on their extension, which opens the door for this attack.

That’s a pretty dangerous exploit. Imagine someone who uses this to upload a new avatar to popular websites like Facebook or Myspace (two examples; I have not checked whether the two use advanced upload filters). He could do all sorts of things with the Java applet once users open his profile page.

The only valid defense against this type of attack, for the moment, is to disable Java on the computer. Sun is already working on a fix, although the researchers say that it is not Sun’s fault that this vulnerability exists.
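On the hosting side, the content check that extension-only filters skip can be sketched as follows. This is an added example, not code from the article or the researchers; the function names and sample bytes are constructed for illustration. It walks the GIF block structure to find where the image really ends, then flags any trailing bytes and any ZIP end-of-central-directory record, which is what archive readers look for from the end of a file.

```python
EOCD_SIG = b"PK\x05\x06"       # ZIP/JAR end-of-central-directory signature
EOCD_WINDOW = 22 + 0xFFFF      # EOCD record plus the largest possible archive comment

def _skip_sub_blocks(data, pos):
    """Walk GIF sub-blocks (length byte + payload) past the zero-length terminator."""
    while data[pos]:
        pos += 1 + data[pos]
    return pos + 1

def gif_end_offset(data):
    """Return the offset just past the GIF trailer byte; ValueError if malformed."""
    if data[:6] not in (b"GIF87a", b"GIF89a"):
        raise ValueError("not a GIF")
    try:
        flags = data[10]       # packed field of the logical screen descriptor
        pos = 13 + ((3 << ((flags & 7) + 1)) if flags & 0x80 else 0)
        while True:
            block = data[pos]
            if block == 0x3B:                      # trailer: the image ends here
                return pos + 1
            if block == 0x21:                      # extension: label, then sub-blocks
                pos = _skip_sub_blocks(data, pos + 2)
            elif block == 0x2C:                    # image descriptor
                lflags = data[pos + 9]
                pos += 10 + ((3 << ((lflags & 7) + 1)) if lflags & 0x80 else 0)
                pos = _skip_sub_blocks(data, pos + 1)   # +1 skips LZW code size
            else:
                raise ValueError("unknown GIF block 0x%02x" % block)
    except IndexError:
        raise ValueError("truncated GIF")

def check_upload(data):
    """Reasons to reject a file uploaded as a GIF; an empty list means accept."""
    try:
        end = gif_end_offset(data)
    except ValueError as exc:
        return [str(exc)]
    reasons = []
    if end != len(data):
        reasons.append("%d bytes after GIF trailer" % (len(data) - end))
    if EOCD_SIG in data[-EOCD_WINDOW:]:
        reasons.append("ZIP/JAR end-of-central-directory record present")
    return reasons

# Constructed samples: a 1x1 GIF, and the same GIF with an empty ZIP record appended.
CLEAN_GIF = (b"GIF89a\x01\x00\x01\x00\x80\x00\x00" + bytes(6)
             + b"\x2c\x00\x00\x00\x00\x01\x00\x01\x00\x00" + b"\x02\x02\x44\x01\x00\x3b")
SUSPECT = CLEAN_GIF + EOCD_SIG + bytes(18)
```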




About the Author: Martin Brinkmann is a journalist from Germany who founded Ghacks Technology News back in 2005. He is passionate about all things tech and knows the Internet and computers like the back of his hand.

Friday August 1, 2008


Responses so far:

  1. Chris says:

    I have heard of hiding files using WinRAR that combines them into a single picture, but usually the hidden features of the file can only be opened by changing the extension of the file.

    http://www.sizlopedia.com/2008/01/23/how-to-hide-important-files-inside-a-picture/

  2. Martin says:

    Chris, this one is different since both files are executed when the browser opens them. You see the image and think everything is fine while a Java applet is executed in the background.

  3. Jonathan says:

    Again, this is the exact reason I use Firefox with No-Script. I would never go back to IE or any other browser, unless they had a script blocking feature.
