JUST CRASHED SYSTEM USING IMAGE AND GOT BOUNTY $ 500
1 min read
Summary
A hacker has shared details of how they exploited a system using an image, ultimately earning a $500 bounty.
The vulnerability is due to flaws in image-processing libraries that do not validate dimensions before allocating memory, making them susceptible to attack.
By tampering with the metadata, the hacker increased the dimensions of a 5KB image to 64250x64250 pixels, leading to excessive memory allocation that crashed the system.
The hacker posted the exploit on a platform for ethical hackers, suggesting that others could earn quick and easy money by replicating the vulnerability.
The post has since been removed or made private, suggesting the platform deemed the original content inappropriate.