Gmail Attachment Filter

I ran across something interesting today. A friend asked me to send him a certain exe to his email. Not thinking much about it, I composed an email on my Gmail, attached the exe, hit send and then saw an error which basically told me Google doesn’t allow exes to be sent through Gmail.

Irritating enough, but seemingly familiar, I decided to ‘get smart’ and zip the exe in a folder and send it. Same thing.

!@#$%

I also tried gzipping the archive and sending it.. didn’t work either.

I finally compressed the folder+exe to make a bz2 archive and sent it away. Worked like a charm.

Where were Google’s attachment filters then!? *grin*

  • http://www.BeyondSecurity.com Aviram

    Yup, the gmail filter is kinda strange. Ido did a bunch of experiments a few years ago (apparently not much has changed):
    http://blogs.securiteam.com/index.php/archives/146

  • http://tssci-security.com Marcin

    Next time, just base64 encode it or gpg it.

  • http://rafelivgi.blogspot.com/ Rafel Ivgi

    dude just use winrar to make a rar+password+”encrypting file names in archive” :)

  • fevikul

    or just plain RAR it?
    rename from test.exe to test.exe.jpg and upload ?

  • Jeff

    Or just rename the file to .ex_ or .renametoexe or something?

    So long as the recipient can handle renaming the file, it’ll work just fine. If you have a recipient who can handle using RAR or GPG, surely they can handle renaming .ex3 to exe

  • http://jbrownsec.blogspot.com jbrown

    Thanks for your comments; this went from a 2 minute problem that was solved to a full discussion, hehe.

  • Dan

    A bunch of mail filters will do this. My assumption is that the makers/SAs all said, “Well, if the person has to change the extension, they will think about it before they execute the file”. Of course, they chose to whitelist, which as I need not even say here, is the dumbest way to go about things… as you show by using a compression algorithm other than .zip… although you’d think unzipping two folders would make the user think… they can think, can’t they?

  • http://www.filehurl.com Rick H

    Just for my own use, I have started a site that will allow you to ‘email’ any file, any size, any type to anyone. No limitations of size, content, or recipients (although we will check for inappropriate content when alerted). And no cost, unlike other ‘free’ sites.

    Very simple to use: fill out a simple form, browse to the file, and an email is sent to the recipients with a special link. Click on the link, click the ‘get file’ button, and save the file to your computer.

    No cost, although I do have a ‘donate’ button. No ads at the moment (other than my silly ones). But it is absolutely free, and we don’t store anything past 7 days.

    Open for anyone to use. Comments welcomed.

  • http://www.filehurl.com Rick H

    Silly me. I comment about my file transfer site, and didn’t give the URL:

    http://www.filehurl.com .

    …Rick…

  • shilpa

    required right email address

  • http://fusecurity.com/ sunjester

    If you just rename the extension on the .exe, Gmail will accept it. When your friend receives the file, have him rename it to .exe

  • http://www.justanotherhacker.com Wireghoul

    Using password protection of some sort, gpg, zip, rar or whatever is a surefire way to ensure that your content cannot be inspected by the receiving server, extension based filtering or not. It’s what the bad guys have been doing for ages and it works.

  • macejv

    Google, Yahoo & Microsoft are still not some “perfect” companies with “perfect” products & services. Look at Microsoft & their Microsoft Windows: it is full of errors and bugs, and over time it runs slower and slower (definitely, there is a whole industry of programs made to ensure that Microsoft Windows functions well, one of them being jv16 PowerTools 2009).
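
An added example, not part of the original post or its comments and not Gmail's actual filter logic: the bz2 result in the post and the rename suggestions in the comments both depend on a filter that trusts file names or unpacks only some container formats. A receiving-side check can classify by content instead, unwrapping zip, tar, gzip, bzip2 and xz layers and failing closed on anything it cannot open. The names `classify`, `is_pe`, the limits and the `SAMPLE_PE` stub are assumptions made up for this illustration.

```python
import bz2, gzip, io, lzma, tarfile, zipfile

MAX_DEPTH = 5             # nesting limit before giving up
MAX_BYTES = 64 * 2**20    # decompressed-size cap per member
SAMPLE_PE = b"MZ" + bytes(58) + (64).to_bytes(4, "little") + b"PE\0\0"  # constructed stub

def is_pe(data):
    """True for a Windows PE image: 'MZ' header whose e_lfanew (0x3C) points at 'PE\\0\\0'."""
    off = int.from_bytes(data[0x3C:0x40], "little")
    return data[:2] == b"MZ" and data[off:off + 4] == b"PE\0\0"

def _capped(stream):
    data = stream.read(MAX_BYTES + 1)
    if len(data) > MAX_BYTES:
        raise ValueError("over size cap")
    return data

def _unwrap(data):
    """Return the payloads inside a recognised container, or None if not a container."""
    bio = io.BytesIO(data)
    if data[:4] == b"PK\x03\x04":                       # zip local file header
        with zipfile.ZipFile(bio) as zf:
            members = [i for i in zf.infolist() if not i.is_dir()]
            if any(i.flag_bits & 0x1 for i in members):  # bit 0 = encrypted member
                raise ValueError("encrypted member")
            return [_capped(zf.open(i)) for i in members]
    if data[257:262] == b"ustar":                       # tar header magic
        with tarfile.open(fileobj=bio, mode="r:") as tf:
            return [_capped(tf.extractfile(m)) for m in tf if m.isfile()]
    for magic, opener in ((b"\x1f\x8b", gzip.open), (b"BZh", bz2.open),
                          (b"\xfd7zXZ\x00", lzma.open)):
        if data.startswith(magic):
            return [_capped(opener(bio))]
    return None

def classify(data, depth=0):
    """Classify by content, ignoring names: 'executable', 'uninspectable' or 'clean'."""
    if is_pe(data):
        return "executable"
    try:
        inner = _unwrap(data)
    except Exception:          # corrupt, encrypted or oversized: fail closed
        return "uninspectable"
    if inner is None:
        return "clean"
    if depth >= MAX_DEPTH:
        return "uninspectable"
    verdicts = {classify(p, depth + 1) for p in inner}
    return next((v for v in ("executable", "uninspectable") if v in verdicts), "clean")
```

The "uninspectable" verdict is the policy decision point for the password-protected and GPG cases raised in the comments: content the server cannot open can be quarantined or flagged rather than passed as clean.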