Home  ›  How to Upload Zipped Images to Amazon

How to Upload Zipped Images to Amazon

Written By segunda-feira, 11 de abril de 2022 Add Comment Edit

With the Amazon Prime subscription you have many services such as Prime Video, Prime Music, Prime Pantry so on. You also have a plan with just 5GB of free space on Amazon Drive and unlimited infinite on Amazon Photos. And so, my question was: "What happens if I upload a file that isn't a photograph, making information technology believe that it is? What kind of checks do they do on the file?".

Some Tests

Starting time of all, I tried to upload a very huge file, a photo from NASA of 450MB just to cheque if in that location is any limit. The photograph was uploaded without problems. So I can upload a big backup, skillful. And yep, I could take read Amazon Drive Photo and Video File Requirements but I would like to endeavour by myself, because documentations aren't always updated.

The next stride was only change the extension of a file from .tar.gz to .jpg.

Prima prova con la semplice modifica dell'estensione ... Commencement effort with simple extension's renaming...

The file wasn't recognized as an epitome, and I saw information technology in the statistics of the 5GB Drive storage, plainly, as yous can come across in the following screenshot.

Changing the extension doesn't work. Irresolute the extension doesn't work.

The only method to endeavour was to create an ad-hoc file. No problem.

Craft The File

The outset thing that I tried to do is simply merge ii files: an image and a zilch package. I thought to bypass the checks with the header of the image file, but why nil bundle? Because I would similar to utilise this unlimited space for backups, and commonly zip packages are commonly used.

So, I tried with a JPG prototype merged with a Naught file following these steps:

  1. Create a ZIP file.
  2. Check the properties of the original JPG image.
  3. Merge the JPG image with the ZIP file.
  4. Cheque the properties of the new merged file.

This is the history of my Linux commands to create the merged JPG.

              ┌─[alesanco@parrot]─[~/Security/AmazonPhotos] └──╼ $ zero backup.zip node-v8.12.0.tar.gz notes.txt adding: node-v8.12.0.tar.gz (deflated i%) adding: notes.txt (stored 0%) ┌─[alesanco@parrot]─[~/Security/AmazonPhotos] └──╼ $ file securitygifts.jpg securitygifts.jpg: JPEG prototype data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length sixteen, baseline, precision viii, 1600x1200, frames 3 ┌─[alesanco@parrot]─[~/Security/AmazonPhotos] └──╼ $ true cat securitygifts.jpg fill-in.zip >> photo.jpg ┌─[alesanco@parrot]─[~/Security/AmazonPhotos] └──╼ $ file photo.jpg photograph.jpg: JPEG paradigm data, JFIF standard one.01, resolution (DPI), density 96x96, segment length 16, baseline, precision eight, 1600x1200, frames three

I've used the cat command to merge the files, but, with steganography, there are many better means to exercise information technology with high compression and obfuscated bytes, for instance with steghide or stegosuite. Anyway, as you tin run across, the properties of the new merged file was the same of the image. Even Amazon Photos thinks it'due south an image.

Crafted file is recognized as an image. Crafted file is recognized as an prototype.

Just using binwalk nosotros can see that information technology'due south not a normal epitome file.

              DECIMAL     HEX         DESCRIPTION ------------------------------------------------------------------------------------------------------------------- 0           0x0         JPEG image data, JFIF standard i.01 98327       0x18017     Zip archive data, at least v2.0 to extract, compressed size: 30154548, uncompressed size: 30393516, name: node-v8.12.0.tar.gz 30252952    0x1CD9F98   Zip archive data, at least v1.0 to extract, compressed size lx, uncompressed size: 60, proper name: notes.txt 30253247    0x1CDA0BF   End of Null archive, footer length: 22

Non a normal epitome file, but it was uploaded as a photo in the unlimited space, as you can see in the post-obit screenshot.

Unlimited space! Unlimited space!

To verify that Amazon doesn't strip or practice other things that could corrupt my file, I downloaded it, changed the extension to .zip and extracted the package.

I can extract all files! I tin can excerpt all files!

Information technology works. So, with a simple cat control, using a random image, I could upload whatsoever file into the unlimited free space, such as encrypted backups, videos, warez, etc.

File Upload Bug? Not For Amazon.

I contacted the Amazon Security Team, they answered me really fast, only they told me that "the Prime number Photos production team confirmed that this is currently working as designed".

Working as designed? And then, if I've a Prime subscription, with this method I potentially could apply Photos as backup storage without paying actress money, and this isn't a issues?

I don't know if it could exist considered a security bug, but for me it'south a problems and besides, I have unlimited free file storage at present. Amazon says it'south fine!

The prototype used to caput this article is called "Retro Camera" and was created by Michael Fugoso.

mendozahavendecked.blogspot.com

Source: https://www.secjuice.com/amazon-photos-unlimited-free-storage-for-any-file/

0 Response to "How to Upload Zipped Images to Amazon"

Postar um comentário

Assinar: Postar comentários (Atom)

Iklan Atas Artikel

Iklan Tengah Artikel 1

Iklan Tengah Artikel 2

Iklan Bawah Artikel