Home » Forum » La tana del troll
Inviato da Other_Cody il Mar, 04/16/2024 - 21:51

Images as programs and other image code.

Nessuna risposta
Mar, 04/16/2024 - 21:51
Other_Cody
Other_Cody
Offline
Iscritto: 12/20/2023

I did not check the code yet, so this is why it is in the "Troll Lounge" but I found

https://trisquel.info/en/forum/malicious-pdf-file

a pdf file, maybe
and

https://trisquel.info/en/forum/selinux-and-interesting-warning-blag

an image file, was being typed about
and

a text file, I think
https://trisquel.info/en/forum/xz-backdoor-upstream

so I thought looking into malicious image payload after I remembered a video I once saw and forgot that it had a link to

https://github.com/Mr-Un1k0d3r/DKMC.git

in it that shows partly in the readme file

Don't kill my cat is a tool that generates obfuscated shellcode that is stored inside of polyglot images. The image is 100% valid and also 100% valid shellcode. The idea is to avoid sandbox analysis since it's a simple "legit" image. For now the tool rely on PowerShell the execute the final shellcode payload.

I do not think PowerShell is freedom supporting software, though I do not know what license it is under, if any.

I also do not know if this software has problems/malicious code in it, as I did not check the code yet.

But I see it is under the GNU General Public License version 3 of the License, or
(at your option) any later version.

It would be considered making obfuscated code, if it works, I think, but it is interesting if images other than qr codes and bar codes could also be part of a program.

Though making obfuscated code would likely not be "free as in freedom" source code.

https://www.gnu.org/philosophy/free-sw#make-changes

I do not remember why I was looking into putting code into images at the time I saw the video or if I just randomly found it.

I think some “nonfree” or “proprietary” game systems had a scanner for bar code.
https://en.wikipedia.org/wiki/Nintendo_e-Reader

I do not know free software games for code in images yet.

The Nintendo one likely runs proprietary software of some type in the hardware for both the reader and Game_Boy_Advance, though I do not know.

Even the code to make cards may be proprietary.
https://en.wikipedia.org/wiki/Nintendo_e-Reader#Dot_code

Data is encoded on the cards using "dot code", a specialized barcode technology licensed from Olympus Corporation.

There are "free as in freedom" emulators to make free games, though I do not know how to remove all non-free things from most "game-like" computers.

I think most, if not all, freedom supporting software at this time is not in images, as that is not likely anyone's "preferred form of the program for making changes in" though I do not know.

Source code is defined as the preferred form of the program for making changes in. Thus, whatever form a developer changes to develop the program is the source code of that developer's version.
https://www.gnu.org/philosophy/free-sw#make-changes

In cima
  • Login o registrati per inviare commenti
  • +1
    0
    -1
    Please use the rating system to mark posts that go against the Community Guidelines