executing code in a different file

closed account (zwA4jE8b)
So I understand that a method used by some virii is to run code that is say attached to a picture that has been cached from visiting a website.

How does a program run such code?

For example, I attach the binary for MOV eax, 5 or whatever to the end of a .jpg

I write a program that has the .jpg size and where my binary is located hard coded into the app. but how does the program run that code?

Is this code injection?
Last edited on
They exploit vulnerabilities in library code -- usually buffer overflows -- to overwrite code or stack data, thus allowing the execution of arbitrary code. This is the main reason not to use scanf().
closed account (zwA4jE8b)
huh, that is beyond me.
closed account (zwA4jE8b)
So the arbitrary code could be read into a char array, then a buffer overflow would change a functions return address to the char array.
For example, yes.
closed account (zwA4jE8b)
cool, thanks, I am not writing a virus, but find it fascinating. I found a good text about it at destroy.net
Topic archived. No new replies allowed.