corkami / mitra
A generator of weird files (binary polyglots, near polyglots, polymocks...)
License: MIT License
I am looking into making the SVG module better, any tips? Do any of the SVG file polyglots work? It looks like they are always failing because the input file lacks parasites and zipper.
./mitra.py input/svg.svg input/gif87.gif -f --verbose
! File type 1 (SVG) doesn't support parasites.
! File type 1 (SVG) doesn't support zippers.
SVGs are forgiving, there are additional methods here:
https://blog.mindedsecurity.com/2015/08/pdf-based-polyglots-through-svg-images.html
You can use comment lines to do so
You could perhaps put an Archive in or use mitra as its own logo on desktop systems.
Great work! I'll try to create a polyglot file with a payload like this:
0x59657320535346325420776f726b6564206c696b65206120636861726d206f6e20612072616d6469736b203b2d29
When running mitra using a ZIP and PNG or JPG (in that order) it will not generate any file. (It will print both file names and then their type, but it won't provide the Stack and Parasite messages.)
When reversing the order, you get the 2 files and the full message, however the ZIP is not recognized as a valid archive.
For testing purposes, I did get it to work using a PDF and ZIP, I am assuming there is an issue with PNG/JPG? Which seems odd as it is one of the files from the example.
Disclaimer: shameless advertising for a tool I developed.
In addition to file as a detection tool, you can try polydet, a tool I developed with a friend when doing research about polyglots. It's empiric and only knows about a few selected file formats, but can detect "suspicious byte chunks" in these formats. It shows better results than file (which it can use as a fallback) and TrID.
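A sketch of the "suspicious byte chunks" idea for the PNG case, added here as an example (it is not polydet's or mitra's code): it walks the PNG chunk list, reports bytes after IEND and chunk types outside the PNG specification's list, and looks for a ZIP end-of-central-directory record. The function names and the in-memory sample files are constructed for illustration.

```python
import io, struct, zipfile, zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
EOCD_SIG = b"PK\x05\x06"          # ZIP end-of-central-directory signature
EOCD_WINDOW = 22 + 0xFFFF         # fixed EOCD record + maximum comment length

def png_chunks(data):
    """Yield (type, offset, length) for each PNG chunk up to and including IEND."""
    if not data.startswith(PNG_SIG):
        raise ValueError("not a PNG")
    pos = len(PNG_SIG)
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        yield ctype, pos, length
        pos += 12 + length            # length + type + data + CRC
        if ctype == b"IEND":
            return

def inspect_png(data):
    """Report bytes after IEND, chunk types outside the spec list, and ZIP traces."""
    standard = {b"IHDR", b"PLTE", b"IDAT", b"IEND", b"tEXt", b"zTXt", b"iTXt",
                b"gAMA", b"cHRM", b"sRGB", b"iCCP", b"bKGD", b"pHYs", b"tIME",
                b"tRNS", b"sBIT", b"hIST", b"sPLT"}
    end, unknown = None, []
    for ctype, pos, length in png_chunks(data):
        if ctype not in standard:     # assumption: anything else deserves a look
            unknown.append((ctype, pos, length))
        if ctype == b"IEND":
            end = pos + 12 + length
    eocd = data.rfind(EOCD_SIG)
    return {
        "trailing_bytes": len(data) - end if end is not None else None,
        "unknown_chunks": unknown,
        "eocd_offset": eocd if eocd >= 0 else None,
        # A reader that only scans the file tail misses an EOCD outside this window.
        "eocd_in_tail": eocd >= 0 and len(data) - eocd <= EOCD_WINDOW,
    }

def _chunk(ctype, body):
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", zlib.crc32(ctype + body))

def make_samples():
    """Constructed inputs: a 1x1 grayscale PNG, and the same PNG followed by a ZIP."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    png = PNG_SIG + _chunk(b"IHDR", ihdr) + _chunk(b"IDAT", zlib.compress(b"\x00\x00")) + _chunk(b"IEND", b"")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("note.txt", "constructed sample")
    return png, png + buf.getvalue()
```

A non-zero `trailing_bytes` or a non-empty `unknown_chunks` list on an uploaded image is a reason to quarantine it or re-encode it before serving.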
When doing a simple polyglot of a png and a zip file on a mac, it works perfectly.
When opening the png, it works fine. However, when trying to unzip it, it becomes a problem on a Mac OSX Catalina.
I am unable to unzip it simply by clicking it.
If I manually unzip it using the command line, I get this:
I know that this is the expected behavior of this wonderful program, but I wanted to get your thoughts on this and perhaps maybe there is a way to allow for no simple detection of polyglots.
PNG+ZIP
JPG+ZIP
JPG+7z
All generate an error while unzipping
End-of-central-directory signature not found. Either this file is not a zipfile, or it constitutes one disk of a multi-part archive. In the latter case the central directory and zipfile comment will be found on the last disk(s) of this archive.
I have tried combining a PDF and an OGG. Mitra outputs the following:
f1.pdf
File 1: Portable Document Format
f2.ogg
File 2: Ogg [container]
... but no more, and no file is generated.
Can I get some more debug output?
Edit: I found the --verbose option. I get the following:
! File type 1 (PDF) can only host parasites at offset 0x30. File 2 should start at offset 0x0 or less.
And when swapping arguments:
! File type 1 (OGG) can accept parasites only of size 0xFFFF max. File 2 is too big (10FC13).
So I conclude that PDF+OGG is only supported by parasiting the PDF in the OGG, and only when the PDF is <64KiB.
Hi. Before anything, your research was great ...
I tried the steps below to use the code:
and then tested the generated html and png in firefox in multiple ways, but no alert was shown on the page :(
I use python3 + ubuntu 2021
I have read and watched all your docs and I believe it's true. Can you make a video for binding js in an image with the default files in the input folder, or can you guess what the problem is?
I have solved the problem. The file is not complete when I unzipped it.
Hi !
I cloned the repo, am using python 3.6 and have no particular issue while using the script BUT, I just get nothing outputted.
I'm trying to "merge" ball2 into ball so that I have ball.jpg that can also be ball2.png once encrypted (or the other way around, it doesn't matter; by the way, why can't we do polyglots of the same type? png/png, jpg/jpg for ex.)
Am I missing something?
What is the problem please?
python mitra.py picture.jpg backdoor.zip
Traceback (most recent call last):
  File "mitra.py", line 3, in <module>
    from parsers import *
  File "/pentester/mitra-test/parsers/bpg.py", line 24, in <module>
    assert ue7_encs(127) == b"\x7f"
AssertionError
Thank you :-)
So I "combined" a zip and a png file, took the png file that it gave me, renamed it to aaa.zip, opened it, but got an error from 7zip/winrar saying it's corrupted.