[SUB-S0NIX]

Not sure if this should have been in the coding section, but I didnt want to sound like a total n00b because I dont even know if this is possible. But what I want to know is, can one take a .mp3 file and place some kind of .exe in it and have it execute the .exe but still keep the official .mp3? No im not asking this so I can go around binding trojans and viruses to .mp3s, but most binders just take two files and make they into one .exe so they are no use. What im looking for is some thing that can keep a certain file format but also execute some kind of code when executed.


If this is possible, I am going to try this and see if I could use this on a PS2 to load PS2 applications and other stuff. I began thinking what could one do and make by them self without having to buy some proprietary boot disc just to swipe and load back up games. The reason I referred .mp3 is because one can burn a .mp3 file and a PS2 will read and load a .mp3, if one could then run the .mp3 but have a desired application embedded in the .mp3, then maybe the PS2 will load the code and run the application without the need for buying a proprietary boot disc!

[covance]

Pretty interesting concept, I am sure it COULD be possible, but I am not sure what you would need. What you need to think about is what you want to do, not exactly, abd then get the proper tools to do the job. Whether you use some programming language or scripting language is up to you. But if there is one thing I do know, is that the possibilties are limitless.

I am sure it will be possible, but I am no expert either. One thing is for sure, you need to find out all you can about the PS2 and how it process files; and then you will be able to figure out exactly what you need in order to accomplish what you want to do. Good luck! If you need some help, I will provide any that I can.


--covance

[duper]

If there's a memory management bug in the MP3 player you could probably mung the stack to execute some code of your choice and jump back into the stream decoding loop.

[SUB-S0NIX]

duper, on Jun 6 2005, 10:58 PM, said:

If there's a memory management bug in the MP3 player you could probably mung the stack to execute some code of your choice and jump back into the stream decoding loop.

Right, but then one would have to get the code for the media player. I know of no way to reverse engineer the PS2 to dump such code at the moment.

[k1dd10t]

it's not possible to execute code in a read-only environment

[tehbizz]

the technique is called Steganography and has been used for some years now. back in '00 i was placing things like Sub7 into mp3s and pictures and people were silly enough to run them.

PS - yes i just invalidated my "leetness" by openly admitting to having used Sub7 but that backdoor was the shit back in the day!

[Irongeek]

If it's on an NTFS file system you could use Aternate Data Streams. Here is some details from when I played with them awhile back:

http://www.irongeek....=security/altds

[SUB-S0NIX]

tehbizz, on Jun 14 2005, 01:52 PM, said:

the technique is called Steganography and has been used for some years now.  back in '00 i was placing things like Sub7 into mp3s and pictures and people were silly enough to run them.

PS - yes i just invalidated my "leetness" by openly admitting to having used Sub7 but that backdoor was the shit back in the day!

Hmm i remember reading about that but never found any type of application to help me place files into another file format. I have played with packers, that will pack two different files and make them a .exe .

Irongeek, on Jun 14 2005, 02:02 PM, said:

If it's on an NTFS file system you could use Aternate Data Streams. Here is some details from when I played with them awhile back:

http://www.irongeek....=security/altds

Thanks for the post I will look into this!

This post has been edited by SUB-S0NIX: 14 June 2005 - 05:11 PM

[Jberryman]

tehbizz, on Jun 14 2005, 01:52 PM, said:

the technique is called Steganography and has been used for some years now.  back in '00 i was placing things like Sub7 into mp3s and pictures and people were silly enough to run them.

PS - yes i just invalidated my "leetness" by openly admitting to having used Sub7 but that backdoor was the shit back in the day!

Usually steganography refers to, in cryptography, the act of hiding a secret message so that it is not apparent that there is anything hidden. For example you could hide an encrypted string of text in an image.
How exactly did you put sub7 "inside" an image and cause it to be run? Are you sure you didn't bind it and change the .exe's icon to that of a jpeg or mp3?

[K.H.O.]

Yes there is.

I got a kickass program called RAT packer, a RAT stands for remote access trojan(netbus, sub7, back orifice) but you can use it to place any exe into ANY file format.

K.H.O.

This post has been edited by K.H.O.: 15 June 2005 - 08:07 PM

[zeroxeal]

If I recall what you were speaking about will most likely only work on windows 98 boxes. I did some looking already and I'm going to ask some people. In the mean I know that persay a video file in the avi format can open a webpage, im sure at one point or another we have all seen this occour. There are however tricks you can use to hide files like netcat or another backdoor inside (or more or less onto) an existing file. Reasearch windows XP ADS or pm me for more info.

[Dr. Z2A]

K.H.O., on Jun 15 2005, 08:04 PM, said:

Yes there is.

I got a kickass program called RAT packer, a RAT stands for remote access trojan(netbus, sub7, back orifice) but you can use it to place any exe into ANY file format.

K.H.O.

link?

[K.H.O.]

Quote

If I recall what you were speaking about will most likely only work on windows 98 boxes

no it works with any OS that can open a .exe

Quote

link?

sorry man i have no clue where i got it but i could sent it to you if you want

K.H.O.

[SUB-S0NIX]

Hmm interesting.. Im not looking to pack trojans into mp3s and all that jazz. My main reason is I want to see if one could use such a method to run desired PS2s applications such as HDLoader and others. Another reason is this another to load code on the PS2 with out having to use the memory card exploit. K.H.O. if you can, can you please upload the program some where so we can download it? And dont be a dick head and bind some trojan or viri with it.. :(

[K.H.O.]

SUB-S0NIX, on Jun 16 2005, 07:16 PM, said:

Hmm interesting.. Im not looking to pack trojans into mp3s and all that jazz. My main reason is I want to see if one could use such a method to run desired PS2s applications such as HDLoader and others. Another reason is this another to load code on the PS2 with out having to use the memory card exploit. K.H.O. if you can, can you please upload the program some where so we can download it? And dont be a dick head and bind some trojan or viri with it..  :(

Ya sure, just tell me where..

[tehbizz]

Jberryman, on Jun 15 2005, 12:59 PM, said:

tehbizz, on Jun 14 2005, 01:52 PM, said:

the technique is called Steganography and has been used for some years now.  back in '00 i was placing things like Sub7 into mp3s and pictures and people were silly enough to run them.

PS - yes i just invalidated my "leetness" by openly admitting to having used Sub7 but that backdoor was the shit back in the day!

Usually steganography refers to, in cryptography, the act of hiding a secret message so that it is not apparent that there is anything hidden. For example you could hide an encrypted string of text in an image.
How exactly did you put sub7 "inside" an image and cause it to be run? Are you sure you didn't bind it and change the .exe's icon to that of a jpeg or mp3?

using a rudimentary packer i found at the time.

[SUB-S0NIX]

Upload it to uhhh.... www.mailfreeonline.com, go to there upload section and then paste the link in this thread.. Thanks..

[k1dd10t]

did you guys not read what i said? if you place code into an mp3 file, it will not get executed. the code that get's loaded will be in a read-only (non-exec, non-write) memory space.

your guy's talk about placing exe's into jpg's and having it run is bullcrap. don't bask in your own kiddieness.

[XxthugstylezxX]

k1dd10t, on Jun 18 2005, 12:47 AM, said:

did you guys not read what i said? if you place code into an mp3 file, it will not get executed. the code that get's loaded will be in a read-only (non-exec, non-write) memory space.

your guy's talk about placing exe's into jpg's and having it run is bullcrap. don't bask in your own kiddieness.

Did you not read the post? He is asking if its possible to put say a executable file and make say something like ps2 see it as a mp3 so it will open it. It'll read the .mp3 file that is actually a .exe and load it! Unless im mistaken and i misunderstud the post. There for haveing the ps2 read a executable file by makeing it think its a .mp3 at first. So see there is no code going into a mp3 file. Seems a little complicated but just might work. If you got it working it would be a awsome project you could write up a nice doc on.

This post has been edited by XxthugstylezxX: 18 June 2005 - 12:09 AM

[SUB-S0NIX]

XxthugstylezxX, on Jun 18 2005, 12:08 AM, said:

k1dd10t, on Jun 18 2005, 12:47 AM, said:

did you guys not read what i said? if you place code into an mp3 file, it will not get executed. the code that get's loaded will be in a read-only (non-exec, non-write) memory space.

your guy's talk about placing exe's into jpg's and having it run is bullcrap. don't bask in your own kiddieness.

Did you not read the post? He is asking if its possible to put say a executable file and make say something like ps2 see it as a mp3 so it will open it. It'll read the .mp3 file that is actually a .exe and load it! Unless im mistaken and i misunderstud the post. There for haveing the ps2 read a executable file by makeing it think its a .mp3 at first. So see there is no code going into a mp3 file. Seems a little complicated but just might work. If you got it working it would be a awsome project you could write up a nice doc on.

You have got the idea right. But it also depends on how the PS2 handles the code. If it recognizes a mp3 format and see code it might display a error or trying decoding the desired exe as if it were a mp3 and do nothing. What I wanted to do was create something that did not need any third party utilities such as Swap Disc or Game Shark to use the memory card exploit. Any ways I geuss we will see.. Also if the PS3 is capable of displaying images, then maybe one could run code using the jpeg exploit? Its a long shot but isnt that what hacking is all about experimenting and being creative?

This post has been edited by SUB-S0NIX: 18 June 2005 - 12:50 AM