2

for those who don't know, the PNG format in WinXP MS Paint is actually extended.
the format is supplied via mfc42u.dll found in system32/

with this in mind, it may be possible to write an exploit to add extended support for even more formats, and quite possibly custom formats.

Edited by DarkPikachu

5
Contributors
14
Replies
74
Views
2 Years
Discussion Span
Last Post by DarkPikachu
0

verified, I can't open anything but BMP, and gdiplus.dll (from WinXP system32) does not add readability.

0

well this guide lists averything associated:
https://yauritux.wordpress.com/2011/03/24/running-ms-paint-on-linux/

I've done some hex editing and found those names in mspaint.exe along with some ADVAPI stuff, though I believe that's just stuff for the dialogs and such which should be included with wine.

other DLLs include (though are not limited to): (copied directly from HxD)
- MFC42u.DLL
- msvcrt.dll
- ADVAPI32.dll
- KERNEL32.dll
- NTDLL.DLL
- GDI32.dll
- USER32.dll
- comdlg32.dll
- ole32.dll
- OLEAUT32.dll
- SHELL32.dll
- IMM32.dll

Edited by DarkPikachu

0

ok, so here's something interesting...
I didn't realize there was actually much more extended support than just PNG

here's MS Paint on XP:
http://lh3.ggpht.com/-dJ9mZU_C0y0/VVPoQpPv0iI/AAAAAAAAJGM/QHtnFnJNKyo/s843/paint_XP.png

and here's MS Paint on linux with mfc42u and gdiplus:
http://lh3.ggpht.com/-T_aoyd3xUk8/VVPoQTTWo5I/AAAAAAAAJGM/N_G8J1u_fTc/s1152/paint_linux.png

even with PNG support, there's still alot of support that's missing.

and no, they're not 2 different versions of MS Paint.
my XP installs crummy Paint.NET which deletes mspaint.exe
(I hate Paint.NET, it can't do crap unless you can work with editing images using MSO Word)
^ how TF do people consider this program "good"! >:O

so the mspaint.exe I'm using comes from an adware installer that doesn't work properly on linux and just gives me the files before freezing.
(I deleted it and can't remember what it was called ("Paint XP" or something), but it includes both versions from win98 and XP)
Why TF do you need a "Program Files/" installer in the first place, mspaint.exe runs off a freakin flash drive!
lol

so anyways, I have it synced between all of my compys here:
https://copy.com/xwScG63AsdKEiQz0

0

xp has so many exploits out there .. many of which are freely available. If you still use XP as your OS you deserve to be punished and banned from the internet :D

-2

If you still use XP as your OS you deserve to be punished and banned from the internet

excuse me good sir, but I do believe you're not a windows hacker,
and you certainly don't know how much less safe you are with the newer kernels.

for example, complete remote computer control and user lock out implemented directly in the kernel by your beloved MS with no plans to remove (that I have not yet heard anyways).
I do believe Win10 will also include what I call "User Control" by MS's kernel RAT, but that has yet to be looked into.

at least I can know when an exploit tries to run on my system, thanks to Comodo HIPS set to paranoid mode.
(if anything tries to run, it has to get through me, Avast, and Comodo)

one thing that will keep you safe, delete Internet Explorer as malware tends to use that to blindly install content on your system.

to top things off, I use Chromodo for my browser with extended protection from malicious and rouge web content.

you might want to know, Win7 connected to the net can simply infect itself through it's own interfaces without using anything.
(XP doesn't have this kind of potential as nothing's that automated (you have to actually use IE before you will infect yourself on XP))
^ bad email clients also apply, but I don't use local email.

viruses can now roam more freely with MS's new automated interfaces.

I've spent years looking into this stuff, so don't think I don't know ;)

EDIT:
Stewie: HEY! ... Shut up!

lol

Edited by DarkPikachu

1

excuse me good sir, but I do believe you're not a windows hacker,

WRONG .. in fact I am ..

your beloved MS

Only time I run MS OS is when I need to test an exploit or reverse engineer usually malware(IDA PRO and few others dont run on linux)

(if anything tries to run, it has to get through me, Avast, and Comodo)

You are joking right?

Internet Explorer

You're right, quite some exploits and zero days but good thing is most of them are not available to skiddies like you(yet)

I've spent years looking into this stuff, so don't think I don't know ;)

say what? Seems like you would need to spend some more years

Edited by Slavi

0

WRONG .. in fact I am ..
say what? Seems like you would need to spend some more years

alright, I can accept, and I'm sorry I doubted. :)

Only time I run MS OS is when I need to test an exploit or reverse engineer usually malware

ok cool, very sorry I doubted, I'd like to know what you know :)
I only use XP as a Windows test platform for my python programs, and to hack to do cool stuff with.
(for example, I want to port DX11 to run on XP)

You are joking right?

yes Avast sucks, and Comodo isn't the best either, IK.
but it's certainly better than not patching anything.

heck, Comodo may not be the best, but it certainly catches 10 to 20x more than Avast.
the only reason I use Avast is for an added layer to catch some things Comodo might miss.

If you still use XP as your OS you deserve to be punished and banned from the internet

I still disagree though.
yes, XP is bad, but it certainly isn't worse than Win7
(considering the new more destructive viruses and such that won't even work on XP)

0

could I get an admin to delete these last 5 comments plz (including this one) for being off topic.

sorry about earlier, it won't happen again.

thanks

0

heh, well alright then, if it's interesting then that wipes away everything I had against it. :P

0

looks like I got 2 people taking my joke post seriousely, so here's to help them understand.

none of that post was meant to harm anyone, including the assumed part:

excuse me good sir, but I do believe you're not a windows hacker

I only said that due to the numberous amounts of people who try to critisize me when they know nothing about why it's NOT wize to use a newer Windows OS.
most of them are complete windows noobs who are playing MS's business game with the software devs playing right along with them.

stuff like DX11 and newer .NET builds CAN be hacked into WinXP, though I currently don't have any knowledge of how.
(although REAL programmers use non-limited cross-platform resources)

I had an argument with a steam developer writing an NES game using DX11 (instead of the more than capable DX9), and he tried to tell me off when I knew better.

no, MS is just freakin lazy and would rather milk you of your money (the money they don't need), instead of simply trying to improve something and make something good for everyone.
no they'd rather try to control the market and their users.
(I just get so P'd at that fact)

also, I AM a windows hacker, but I'm still on the noob level of hacking because I prefer to do things like an OpenGL 3D desktop "game".
(basically imagine opening Chrome and Blender in minecraft, or your favorite FPS)

I'm not like the low-life hackers who try to steal your valuable information, I hack to do something cool.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.