[ - ] Prairie 1 point 1.8 yearsSep 19, 2023 20:59:03 ago (+1/-0)
On my Firefox I can disable webp by setting about:config image.webp.enabled to false. Test on this webp example page. Load the page before disabling, then confirm that disabling and refreshing shows no images on the right side.
Here's what linux says about your "datastreams" which I guess is just your weird little name for files. Looks like you just renamed them from webp to jpg, etc.
There is no such thing as html datastreams. That is retard tier bullshit. Now if you had said hypertext transfer protocol I might have thought about it but there is no "streaming" in downloading a file. You are retarded.
Its' a file download. Stream has very specific meanings and this aint it. Look what you've "found" is weaknesses in some libraries that allow code execution. The trick is to just patch your os/apps. This literally happens ALL THE TIME. Buffer overflows have been around forever.
Now you could say they frequency of chrome based libraries being vulnerable or apple libraries or whatever and I'd agree with that but your flowery language makes you sound off the rails crazy and your conclusions about it being specific to webp are nutso.
This has happened with pdf files, jpg, png, EVERY FUCKING FILE FORMAT. There is nothing different about webp and this literally happens all the time.
Explain the process of how this file will "root" a computer? If buffer overflow, what program exactly is having the overflow? Are you saying the program will gain administrative rights and then use those rights to write to the BIOS/UIFE? How exactly does it reach/write to this part of the computer? If it does, what does it overwrite do exactly, turn on processer over clicking? Are you saying that the BIOS has enough room for a script to setup a back door with the correct ethernet drivers for every computer in order to connect to the Internet? What about wifi, how does this program get the ssid/password? I have lots of questions on how this works.
[ - ] rzr97 1 point 1.8 yearsSep 19, 2023 19:33:45 ago (+1/-0)
Looks like just an ordinary webp library vulnerability in Chrome. Why do you think you need to change it to rename the file to jpeg? Lol. You are retarded.
Vulnerabilities happen every single day. Zero day exploits happen a ton too. You're spurging out because you hate webp and think it's somehow different.
Derp.
Guy sees a cve with a vulnerability and sees programmers use the word datastream and thinks he's figured something out. In the world of programming a stream is just bytes being read or written. That's why it's referenced that way. It doesn't matter for us though, it's literally just a specially crafted file.
TL/DR: I can root 90% of you , across tor or VPN, using a funny meme image this week.... but wont.
Given that the default behavior of browsers is auto-update of security patches, and this has already been patched by the major browsers, no, you can't.
Nahh...nothing big at all and also unrelated to your webp craziness. There is a reason it's named zeroday. Now the fact that you can just be sent a message and be exploited is interesting BUT ALL PHONES ARE ROOTED AT THE MANUFACTURER so meh.
Just assume your phone is rooted.
If you want security, unplug from the internet. Even then though there are ways around it.
Nothing is truly secure there are just varying degrees.
Besides, why are you so concerned. Lots of people have micropenises. Just stop taking pictures of it.
You seem to be stuck on this webp vs jpeg thing as well. There is no difference in getting rooted by either. It could happen with either format. In fact, your nice cozy feeling about jpeg is perfect for getting rooted. I just need to look at the libraries that open it and exploit vulnerabilities in those.
At a basic level this post is absurd. A "fake jpeg" won't open a webp library. That's just stupid. It will simply say it's not a jpeg.
This reads like a shizo that just hates new formats.
Here's a simple solution. Don't give a fuck if you're rooted or not. Just assume all your shit is already rooted and hacked from the factory. I mean that's where they would start.
How can they spy on me if I don't give a shit if they have my data or not. Is it even spying then.
[ - ] rzr97 1 point 1.8 yearsSep 19, 2023 18:56:06 ago (+1/-0)
I apologize. You're even more retarded than I thought. You figured out how to change the name of a file extension.
Here's what linux says about your "datastreams" which I guess is just your weird little name for files. Looks like you just renamed them from webp to jpg, etc.
[ - ] rzr97 1 point 1.8 yearsSep 19, 2023 19:03:15 ago (+1/-0)
Let's put your "hack" to the test. How does opening any of these files root my computer. Explain the exact process including the hooks and what exact vulnerability just one of the "datastreams" exploits in lets say the latest version of Chrome. You call them datastreams and the rest of us will call them files.
So pick one of you files and explain the exact process.
I gave you a dozen links. YOu can google the exploit and issues. A Malformed WebP pretending to be a jpg or png escapes validation, but is renderered anyways , but the rendering crashes in a special way using a special hufffman table containing root code when table misses a sizing check : https://archive.ph/JXsNR
I cant teach you more than that. YOu were proven wrong when you erred claiming :
A "fake jpeg" won't open a webp library. That's just stupid. It will simply say it's not a jpeg.
I proved you wrong with actual links and news articles
fuck this shit. Is everyone on this site a disenchanting paid shill?
fuck it.
I tried to help out today.
MANY MEMES ON THIS SITE CAN POSSIBLY ROOT YOUR PHONES AND COMPUTERS
[ - ] rzr97 1 point 1.8 yearsSep 19, 2023 19:22:27 ago (+1/-0)
You haven't proven anything. You've spurged out about webp thinking something is unique to that. If you have a common library that opens both webp and jpeg then sure, your super tricky jpeg fake could apply but it's just beyond retardation. It's just a vulnerability in a library. It literally happens all the time but somehow in your mind you've conflated it with jpeg good, webp bad.
If I have a library that only opens jpegs I assure you it has zero clue how to open webp.
[ - ] rzr97 1 point 1.8 yearsSep 19, 2023 19:25:08 ago (+1/-0)
What makes you think it's specific to this site? No one gives a shit about this site or it's members. Also, every single one here is already known anyhow including you. They don't need to specially craft a webp image to do that.
Very little on the Internet is truly anonymous. Who really cares?
[ - ] rzr97 1 point 1.8 yearsSep 19, 2023 20:00:11 ago (+1/-0)
Look, you're excited about a new vulnerability and some zero days. I get it. The thing is, why do you think these people need to even send you a file. They can literally jump right through your router to any box you have on your network with no specially crafted webp or anything.
All firewalls and routers are just nice zombies for them. Also, the computer you're typing this message on is already rooted. Sorry to inform you.
Also, your micropenis isn't really that interesting and your white nationalist views and mine are very much encouraged by jews and Israelis. It really helps in their campaigns to get more power.
[ + ] jigganiggaboo
[ - ] jigganiggaboo 1 point 1.8 yearsSep 19, 2023 22:02:57 ago (+1/-0)
[ + ] Prairie
[ - ] Prairie 1 point 1.8 yearsSep 19, 2023 20:59:03 ago (+1/-0)
[ + ] Prairie
[ - ] Prairie 2 points 1.8 yearsSep 19, 2023 20:54:14 ago (+2/-0)
[ + ] GayPatriot1969
[ - ] GayPatriot1969 -2 points 1.8 yearsSep 19, 2023 20:12:01 ago (+0/-2)
[ + ] Ex_hack
[ - ] Ex_hack 0 points 1.8 yearsSep 19, 2023 22:38:56 ago (+0/-0)
[ + ] rzr97
[ - ] rzr97 2 points 1.8 yearsSep 19, 2023 18:53:00 ago (+2/-0)
file *
8c9yhf.webp: RIFF (little-endian) data, Web/P image
ddeg49.png: RIFF (little-endian) data, Web/P image
eg31i3.jpeg: RIFF (little-endian) data, Web/P image
v2f4PlioRtGj.png: PNG image data, 1200 x 900, 8-bit/color RGB, non-interlaced
[ + ] Deleted
[ - ] deleted -5 points 1.8 yearsSep 19, 2023 18:55:18 ago (+0/-5)
[ + ] rzr97
[ - ] rzr97 4 points 1.8 yearsSep 19, 2023 18:57:33 ago (+5/-1)*
[ + ] Deleted
[ - ] deleted -2 points 1.8 yearsSep 19, 2023 19:08:42 ago (+1/-3)
[ + ] rzr97
[ - ] rzr97 4 points 1.8 yearsSep 19, 2023 19:13:13 ago (+5/-1)
Now you could say they frequency of chrome based libraries being vulnerable or apple libraries or whatever and I'd agree with that but your flowery language makes you sound off the rails crazy and your conclusions about it being specific to webp are nutso.
This has happened with pdf files, jpg, png, EVERY FUCKING FILE FORMAT. There is nothing different about webp and this literally happens all the time.
Relax.
[ + ] root
[ - ] root [op] -4 points 1.8 yearsSep 19, 2023 19:23:46 ago (+0/-4)
This hour I can send you a PDF with a special WebP in it and ROOT YOU!!!! (yes PDF can contain WebP)
This hour I can send you a EPUB ebook and ROOT YOU!!!! (Yes epubs are just zips ith jpb and WebP)
This hour there are fucking 10 ways I could root your machine, but wont!!!
Do you think I revealed EVERYTHING in this thread? NO. But I only tell 100% facts and truth.
90% of world this hour can be hacked by FBI MOSSAD and even me
This hour!
[ + ] rzr97
[ - ] rzr97 4 points 1.8 yearsSep 19, 2023 19:26:02 ago (+4/-0)
[ + ] rzr97
[ - ] rzr97 2 points 1.8 yearsSep 19, 2023 19:42:06 ago (+2/-0)
https://github.com/webmproject/libwebp
[ + ] Swej_Ehtsag
[ - ] Swej_Ehtsag 2 points 1.8 yearsSep 19, 2023 20:16:28 ago (+2/-0)
[ + ] rzr97
[ - ] rzr97 1 point 1.8 yearsSep 19, 2023 19:33:45 ago (+1/-0)
Vulnerabilities happen every single day. Zero day exploits happen a ton too. You're spurging out because you hate webp and think it's somehow different.
Derp.
Guy sees a cve with a vulnerability and sees programmers use the word datastream and thinks he's figured something out. In the world of programming a stream is just bytes being read or written. That's why it's referenced that way. It doesn't matter for us though, it's literally just a specially crafted file.
You'll be ok man. Stop taking all those shrooms.
[ + ] chrimony
[ - ] chrimony 2 points 1.8 yearsSep 19, 2023 19:06:12 ago (+2/-0)
Given that the default behavior of browsers is auto-update of security patches, and this has already been patched by the major browsers, no, you can't.
[ + ] BitterVeteran
[ - ] BitterVeteran 2 points 1.8 yearsSep 19, 2023 18:47:57 ago (+2/-0)
[ + ] rzr97
[ - ] rzr97 3 points 1.8 yearsSep 19, 2023 18:54:42 ago (+3/-0)
[ + ] chrimony
[ - ] chrimony 1 point 1.8 yearsSep 19, 2023 19:09:29 ago (+1/-0)
It's actually a legit zero day that came out last week, but OP is a spaz:
"Chrome, Firefox and more caught with their WebP down, offer hasty patch-up"
https://www.theregister.com/2023/09/12/chrome_browser_webp_exploit/
That's all he had to post.
[ + ] Deleted
[ - ] deleted -2 points 1.8 yearsSep 19, 2023 19:11:52 ago (+1/-3)
[ + ] rzr97
[ - ] rzr97 2 points 1.8 yearsSep 19, 2023 19:17:30 ago (+2/-0)
Just assume your phone is rooted.
If you want security, unplug from the internet. Even then though there are ways around it.
Nothing is truly secure there are just varying degrees.
Besides, why are you so concerned. Lots of people have micropenises. Just stop taking pictures of it.
[ + ] rzr97
[ - ] rzr97 2 points 1.8 yearsSep 19, 2023 19:19:42 ago (+2/-0)
Wait I'm sorry, the datastream...oooooh.
[ + ] Prairie
[ - ] Prairie 1 point 1.8 yearsSep 19, 2023 20:55:23 ago (+1/-0)
Wait, it wasn't about those? What was it about then?
[ + ] rzr97
[ - ] rzr97 2 points 1.8 yearsSep 19, 2023 18:47:17 ago (+2/-0)
This reads like a shizo that just hates new formats.
Here's a simple solution. Don't give a fuck if you're rooted or not. Just assume all your shit is already rooted and hacked from the factory. I mean that's where they would start.
How can they spy on me if I don't give a shit if they have my data or not. Is it even spying then.
Someone is obsessed with poal and hates webp.
[ + ] Deleted
[ - ] deleted -2 points 1.8 yearsSep 19, 2023 18:53:31 ago (+0/-2)
[ + ] rzr97
[ - ] rzr97 1 point 1.8 yearsSep 19, 2023 18:56:06 ago (+1/-0)
Here's what linux says about your "datastreams" which I guess is just your weird little name for files. Looks like you just renamed them from webp to jpg, etc.
file *
8c9yhf.webp: RIFF (little-endian) data, Web/P image
ddeg49.png: RIFF (little-endian) data, Web/P image
eg31i3.jpeg: RIFF (little-endian) data, Web/P image
v2f4PlioRtGj.png: PNG image data, 1200 x 900, 8-bit/color RGB, non-interlaced
[ + ] rzr97
[ - ] rzr97 1 point 1.8 yearsSep 19, 2023 19:03:15 ago (+1/-0)
So pick one of you files and explain the exact process.
[ + ] root
[ - ] root [op] -2 points 1.8 yearsSep 19, 2023 19:19:26 ago (+0/-2)*
I cant teach you more than that. YOu were proven wrong when you erred claiming :
I proved you wrong with actual links and news articles
fuck this shit. Is everyone on this site a disenchanting paid shill?
fuck it.
I tried to help out today.
MANY MEMES ON THIS SITE CAN POSSIBLY ROOT YOUR PHONES AND COMPUTERS
[ + ] rzr97
[ - ] rzr97 1 point 1.8 yearsSep 19, 2023 19:22:27 ago (+1/-0)
If I have a library that only opens jpegs I assure you it has zero clue how to open webp.
[ + ] rzr97
[ - ] rzr97 1 point 1.8 yearsSep 19, 2023 19:25:08 ago (+1/-0)
Very little on the Internet is truly anonymous. Who really cares?
[ + ] Deleted
[ - ] deleted 1 point 1.8 yearsSep 19, 2023 18:26:03 ago (+2/-1)
[ + ] Deleted
[ - ] deleted -1 points 1.8 yearsSep 19, 2023 19:04:52 ago (+1/-2)
[ + ] rzr97
[ - ] rzr97 2 points 1.8 yearsSep 19, 2023 19:40:47 ago (+2/-0)
Care to discuss C++ with me so you can explain things in detail with your exploits or even C for that matter?
[ + ] Deleted
[ - ] deleted -2 points 1.8 yearsSep 19, 2023 19:56:09 ago (+0/-2)
[ + ] rzr97
[ - ] rzr97 1 point 1.8 yearsSep 19, 2023 20:00:11 ago (+1/-0)
All firewalls and routers are just nice zombies for them. Also, the computer you're typing this message on is already rooted. Sorry to inform you.
Also, your micropenis isn't really that interesting and your white nationalist views and mine are very much encouraged by jews and Israelis. It really helps in their campaigns to get more power.
Keep it up! Why would they want you to stop?
[ + ] Deleted
[ - ] deleted 1 point 1.8 yearsSep 19, 2023 19:15:26 ago (+2/-1)
[ + ] FacelessOne
[ - ] FacelessOne 6 points 1.8 yearsSep 19, 2023 18:08:11 ago (+6/-0)