Exif Smuggling
Summary
Exif Smuggling is a proof-of-concept attack that hides an executable payload inside a JPG's Exif data, enabling passive download via browser image caching without additional network requests.
Cached at: 06/10/26, 12:22 AM
signalblur/exifsmugglingpoc
Source: https://github.com/signalblur/exifsmugglingpoc
Exif Smuggling
A proof-of-concept evolution of Cache Smuggling. The attack conceals an executable payload inside a JPG's Exif data, so ordinary image caching (such as a web browser's) passively downloads the payload along with the image.
The example loader (chrome_poc.ps1) therefore makes no internet requests of its own to fetch the second-stage payload.
Instead, it simply extracts it from the Chrome browser's cache.
For full details see: https://malwaretech.com/2025/10/exif-smuggling
Example Usage
Convert PowerShell Loader to ClickFix Command
python3 build_clickfix_cmd.py --input-file chrome_poc.ps1 --output-file encoded_command.txt --fake-path "C:\test\doc.txt"
Embed the payload DLL inside an arbitrary JPG
python3 exif_smuggling.py --input-file image.jpg --output-file payload.jpg --payload hello_world.dll
Example Phishing page
www/index.html
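One way to detect such a file on the receiving side, as an added example that is not part of the exifsmugglingpoc repo or the linked write-up: a Python scanner that walks the JPEG marker segments and checks each APP1 (Exif) segment for a DOS/PE header. It assumes the payload sits in the Exif segment as raw bytes; build_sample and FAKE_PE are constructed test data, not the PoC's own format.

```python
# Added defensive example (not the exifsmugglingpoc repo's code): flag APP1 (Exif)
# segments of a JPEG that carry a raw PE image. Assumes the payload is raw bytes.
import struct

PE_SIG = b"PE\0\0"

def jpeg_segments(data: bytes):
    """Yield (marker, payload) per marker segment, stopping at Start-Of-Scan or EOI."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI)")
    pos = 2
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected marker at offset {pos}")
        marker = data[pos + 1]
        if marker == 0xFF:            # fill byte before a marker
            pos += 1
        elif marker == 0xD9:          # EOI
            return
        elif marker == 0x01 or 0xD0 <= marker <= 0xD8:   # standalone markers, no length
            pos += 2
        else:
            length = struct.unpack_from(">H", data, pos + 2)[0]  # counts its own 2 bytes
            yield marker, data[pos + 4:pos + 2 + length]
            if marker == 0xDA:        # SOS: entropy-coded image data follows
                return
            pos += 2 + length

def looks_like_pe(blob: bytes) -> bool:
    """True if blob holds a DOS header whose e_lfanew points at a PE signature."""
    idx = blob.find(b"MZ")
    while idx != -1:
        if idx + 0x40 <= len(blob):
            e_lfanew = struct.unpack_from("<I", blob, idx + 0x3C)[0]
            if blob[idx + e_lfanew:idx + e_lfanew + 4] == PE_SIG:
                return True
        idx = blob.find(b"MZ", idx + 1)
    return False

def scan_jpeg(data: bytes) -> list:
    """Return one finding per APP1 segment that embeds a PE image."""
    return [f"APP1 segment {i}: embedded PE, {len(p)} bytes"
            for i, (m, p) in enumerate(jpeg_segments(data)) if m == 0xE1 and looks_like_pe(p)]

def build_sample(exif_body: bytes) -> bytes:
    """Constructed minimal JPEG: SOI, one APP1 Exif segment, empty SOS, EOI."""
    app1 = b"Exif\0\0" + exif_body
    return b"\xff\xd8\xff\xe1" + struct.pack(">H", len(app1) + 2) + app1 + b"\xff\xda\x00\x02\xff\xd9"

FAKE_PE = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40) + PE_SIG  # constructed stub: e_lfanew=0x40
```

Since a JPEG segment length is a 16-bit field, metadata larger than 64 KB must be split over several APP1 segments, and the scanner checks each of them independently.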