How does opening this jpg cause my computer to go crazy?
March 16, 2004 1:57 AM Subscribe
There is a site I came across with a file that causes your computer to go crazy when accessed. It is a JPG. Want to know how it works {More Inside}
the address is www.ssod.org/nude.jpg < -- warning visiting here may make it so that a reboot is the way outbr>
IT IS a .jpg file.. yet somehow attempting to access it (even trying to open it in Word executes it) makes it execute 100s of commands and opens millions of windows. 100s of Outlooks and Notepads start opening, and the computer generally goes crazy. It's a fun prank to pull on people, but I simply cannot understand how it works. Its an image file! How is it doing that!
Anyone? Any ideas? This is driving me nuts. Thanks!
the address is www.ssod.org/nude.jpg < -- warning visiting here may make it so that a reboot is the way outbr>
IT IS a .jpg file.. yet somehow attempting to access it (even trying to open it in Word executes it) makes it execute 100s of commands and opens millions of windows. 100s of Outlooks and Notepads start opening, and the computer generally goes crazy. It's a fun prank to pull on people, but I simply cannot understand how it works. Its an image file! How is it doing that!
Anyone? Any ideas? This is driving me nuts. Thanks!
Yeah, short version: Don't use IE.
Internet Explorer happily ignores the fact that it's an image/jpeg file and auto-detects it as html, and proceeds to run the javascript in it. This spawns lots of telnet, email and irc applications, which is probably enough to make your computer shit itsself, if Out of Memory handling isn't that nicely done.
posted by fvw at 5:15 AM on March 16, 2004
Internet Explorer happily ignores the fact that it's an image/jpeg file and auto-detects it as html, and proceeds to run the javascript in it. This spawns lots of telnet, email and irc applications, which is probably enough to make your computer shit itsself, if Out of Memory handling isn't that nicely done.
posted by fvw at 5:15 AM on March 16, 2004
Okay - so, I haven't gone to the address indicated by ac, even in Moz (I have enough trouble as it is, believe me), but I looked at the source file milov showed us, and I'm confused.
This is an html file with a Javascript... I wouldn't have thought any browser would open a file with a .jpg extension as an html file. So I tried renaming one of my local html files (that includes a javascript popup box) - "blah.html", let's say, to "blah.jpg", and then right clicked and chose "open with...IE", which wouldn't execute the Javascript. I got an html page with a red-"x" missing-image box. So why does the file ac encountered behave differently? Does it have to do with the version of IE being used? Or something else?
posted by taz at 6:23 AM on March 16, 2004
This is an html file with a Javascript... I wouldn't have thought any browser would open a file with a .jpg extension as an html file. So I tried renaming one of my local html files (that includes a javascript popup box) - "blah.html", let's say, to "blah.jpg", and then right clicked and chose "open with...IE", which wouldn't execute the Javascript. I got an html page with a red-"x" missing-image box. So why does the file ac encountered behave differently? Does it have to do with the version of IE being used? Or something else?
posted by taz at 6:23 AM on March 16, 2004
I bet they have their .htaccess file changed server-side in order to send .jpg files as html files. This assumes they are running apache, but if true, then it is Pretty Sneaky.
posted by plemeljr at 6:35 AM on March 16, 2004
posted by plemeljr at 6:35 AM on March 16, 2004
I was all set to explain how the people hosting this page were being real sneaky, and modifying the content headers to tell the browser that the jpg is content-type "text/html" instead of "image/jpeg", which would cause the browser to treat the file as a html page regardless of the fact that it's got ".jpg" at the end.
But then I checked the headers, and they're not even being that sneaky; IE is just being that trusting.
These are the headers they're sending:
HTTP/1.1 200 OK
Date: Tue, 16 Mar 2004 15:03:13 GMT
Server: Apache
Last-Modified: Sun, 15 Feb 2004 04:00:56 GMT
ETag: "4af1f-4710-25dfae00"
Accept-Ranges: bytes
Content-Length: 18192
Content-Type: image/jpeg
posted by ook at 7:00 AM on March 16, 2004
But then I checked the headers, and they're not even being that sneaky; IE is just being that trusting.
These are the headers they're sending:
HTTP/1.1 200 OK
Date: Tue, 16 Mar 2004 15:03:13 GMT
Server: Apache
Last-Modified: Sun, 15 Feb 2004 04:00:56 GMT
ETag: "4af1f-4710-25dfae00"
Accept-Ranges: bytes
Content-Length: 18192
Content-Type: image/jpeg
posted by ook at 7:00 AM on March 16, 2004
Good Lord. Unless this is a new exploit, Microsoft released a patch that resolved this issue nearly two years ago. You should probably run a Windows Update to eliminate this and a host of other gaping security holes to which you are presently vulnerable.
posted by Danelope at 8:07 AM on March 16, 2004
posted by Danelope at 8:07 AM on March 16, 2004
Ok, I went for it in IE6, Windows XP. I have all the latest updates and patches, just to be sure went to windowsupdate to make sure.
It displayed as an html file, and tried to send a few emails. I did have my finger on the 'End Task' button so it did not do much damage. But it sure is not something that was fixed years ago.
So, now on to Mozilla! Send in the troops if I am not back in 20 minutes.
posted by sebas at 8:22 AM on March 16, 2004
It displayed as an html file, and tried to send a few emails. I did have my finger on the 'End Task' button so it did not do much damage. But it sure is not something that was fixed years ago.
So, now on to Mozilla! Send in the troops if I am not back in 20 minutes.
posted by sebas at 8:22 AM on March 16, 2004
I love Mozilla:
"The image "http://www.ssod.org/nude.jpg" cannot be displayed, because it contains errors."
This is Mozilla 1.6 on Windows XP.
So you don't want to go there today with IE.
posted by sebas at 8:27 AM on March 16, 2004
"The image "http://www.ssod.org/nude.jpg" cannot be displayed, because it contains errors."
This is Mozilla 1.6 on Windows XP.
So you don't want to go there today with IE.
posted by sebas at 8:27 AM on March 16, 2004
*Lovingly pats Macintosh*
[*snarkily posts platformist taunt*]
posted by squirrel at 9:07 AM on March 16, 2004
[*snarkily posts platformist taunt*]
posted by squirrel at 9:07 AM on March 16, 2004
taz, although in this particular case it's simply a browser bug at work, in fact the file extension (in theory at least) is irrelevant. It is the mime-type set in HTTP headers by the server that tells the browser what kind of content it's about to get. Hence plemejr's explanation.
This is why dynamically generated content can have all sorts of weird extensions, like .aspx, .pl, .xyz, but your browser knows what to do - the server has told it "it's text/html" or "it's image/png" or whatever.
IE going by the extension is definitely a bug, not a feature.
posted by i_am_joe's_spleen at 12:33 PM on March 16, 2004
This is why dynamically generated content can have all sorts of weird extensions, like .aspx, .pl, .xyz, but your browser knows what to do - the server has told it "it's text/html" or "it's image/png" or whatever.
IE going by the extension is definitely a bug, not a feature.
posted by i_am_joe's_spleen at 12:33 PM on March 16, 2004
Response by poster: Danelope, I have XP Pro SP1 with IE6 SP1 and every single patch under the sun installed.....
So I guess it was some server trickery.. thats quite an amazing site. Great prank to play.
And squirell.. get out. That's not funny, and does not add to or help the conversation in any way. Please just go back to wherever you came from.
posted by ac at 1:41 PM on March 16, 2004
So I guess it was some server trickery.. thats quite an amazing site. Great prank to play.
And squirell.. get out. That's not funny, and does not add to or help the conversation in any way. Please just go back to wherever you came from.
posted by ac at 1:41 PM on March 16, 2004
IE goes neither by extension nor by mimetype (autodetection fails), it just looks at the first bit of the file and sees if it looks like any specific kind of file. Which is why this jpg is happily being recognised as HTML. IE has done this for a very long time, Microsoft is aware of this behaviour and has no intentions to change it.
posted by fvw at 4:17 PM on March 16, 2004
posted by fvw at 4:17 PM on March 16, 2004
Yeah well mozilla has it's share of bugs too... for example I came across this code in a page:
<img src="telnet://ftp.cdrom.com" width="1" height="1">
...that'll pop up a telnet window and try to connect. Not pleasant. Put a hundred of those in a page and drive a mozilla user nuts. The code does nothing in IE. Most people haven't come across it since mozilla is less common.
posted by bobo123 at 6:36 PM on March 16, 2004
<img src="telnet://ftp.cdrom.com" width="1" height="1">
...that'll pop up a telnet window and try to connect. Not pleasant. Put a hundred of those in a page and drive a mozilla user nuts. The code does nothing in IE. Most people haven't come across it since mozilla is less common.
posted by bobo123 at 6:36 PM on March 16, 2004
This thread is closed to new comments.
view-source:www.ssod.org/nude.jpg(in Firefox, to be safe) reveals that it's actually a javascript that tries to do all sorts of nasty stuff.posted by milov at 2:39 AM on March 16, 2004