Php-Jpeg-Injector - Injects Php Payloads Into Jpeg Images
Injects php payloads into jpeg images. Related to this post.
Use Case
You have a web application that runs a jpeg image through PHP's GD graphics library.
Description
This script injects PHP code into a specified jpeg image. The web application will execute the payload if it interprets the image. Make sure your input jpeg is uncompressed!
python3 gd-jpeg.py [JPEG] [PAYLOAD] [OUTPUT_JPEG]
e.g. python3 gd-jpeg.py cat.jpeg '<?php system($_GET["cmd"]);?>' infected_cat.jpeg
How it works
PHP code is injected in the null/garbage (brown) space after the scan header:
The new infected jpeg is run through PHP's gd-library. PHP interprets the payload injected in the jpeg and executes it.
![Php-Jpeg-Injector - Injects Php Payloads Into Jpeg Images](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjI_vvRhcOWsm7NisGmNpMdD1XzP9inhpXYRqtR0X2QwXr1oYWdj1rRgl44OzeGa5txupcBJXTHnuKGsxIPXaWzIoJULp9PysxGzEFMtFzMC3eA5a-i1m-3KV_E1tLdo7TyDKpJeLx-XBNB/s72-w640-c-h465/php-jpeg-injector_1-776367.jpeg)