Hello,

Thanks for the program. It seems limited to jpg only though. Also I tested it
and when I open the file in wordpad I am looking to see whatever text that
is inserted into plaintext. This program doesn't seem to do this.

Bassically I think I may have found a minor bug in netscape which may allow
html/script insertion.

Rename a image file to .txt and view it with netscape. Notice it loads like a image.
View source and you'll notice you see the code. I am curious that if I inserted
html/script if perhaps netscape will actually execute the code. This could
bring a new meaning to "dangers of posting images"

Curious if any plaintext steganography tools could assist in this testing.

Just a little theory I;m working on. Anyone care to help me out?

IE doesn't seem to read the file as a image but instead prints out the text.

- zenocgisecurity.com
www.cgisecurity.com

>
> wrjpgcom writes text comments into comment blocks of JPG files. It appears
> to be a relatively standard unix utility, and also comes with cygwin for
> win32.
>
> Phil
>
> > -----Original Message-----
> > From: zeno [mailto:bugtraqcgisecurity.net]
> > Sent: Wednesday, January 09, 2002 10:07 AM
> > To: webappsecsecurityfocus.com
> > Subject: Image question
> >
> >
> > Hey,
> >
> > Does anyone know of any steganography tools that insert data
> > as plaintext
> > and NOT encoded or encrypted? I have a theory on something
> > I'd like to test.
> >
> > Thanks,
> >
> > - zenocgisecurity.com
> >
>

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]