polyglot file

A polyglot file is a file that is more than 1 type of file at the same time. Polyglot files take advantage of the fact that (binary) computer files are all just stored as binary data (bits is bits). Some files expect to start at file offset 0 (the beginning of the file). while other files may try to find specific data inside of the file that says where the file data starts, while other files may be very flexible about where they start.

By carefully aligning file data, it is possible to create a file that is valid as multiple file types.

For instance, the following commands can be run on Linux to create a file that is simultaneously the JPG file "a.jpg" and ZIP file "b.zip". The resulting polyglot file will be called "polyglot.gif.zip".

Some File Formats That Start at Offset 0

JPG

PNG

NES

Some File Formats That Search for the Starting Offset

ZIP

7z

RAR

Some File Formats That Are at Least Somewhat Flexible About the Starting Offset

PDF

HTML

Examples of Polyglot Files

Ange Albertini has made many a lot of polyglot files, many of which are featured in issues of the International Journal of "Proof-of-Concept or Get the F**k Out" (PoC||GTFO) are polyglot files, with different issues starting from Issue 0x01 featuring different types of polyglot files. Some examples of PoC||GTFO polyglot files are:

Issue 0x04 - TrueCrypt Volume, ZIP, PDF

Issue 0x07 - BPG, HTML, ZIP, PDF

Issue 0x14 - NES ROM, ZIP, PDF

Issue 0x17 - Apollo Guidance Computer Program, ZIP, PDF

International Journal of "Proof-of-Concept or GTFO"

Others have also contributed polyglot files to PoC||GTFO, including myself in issue 0x18 section 4 in an article titled "Concealing ZIP Files in NES Cartridges".

In my git repository "gb-nes-pdf-html-zip", all of the files in the "bin/" directory are simultaneously Gameboy ROM, NES ROM, PDF, HTML, and ZIP files. As shown below, they all have the same SHA256 sum. This is because they are all bit for bit the exact same file.

gb-nes-pdf-html-zip git repository

Incoming Wiki Links

{index}