<p><pre><code> They serve no purpose, except proving that file formats not starting at offset
0 are a bad idea.
</code></pre>
Au contraire–they are a wonderful idea. If, say, a polyglot pdf+executable could gain code execution enough to execute itself as a binary, it could just as easily execute far more dangerous code while being far less likely to tip off an automated scanner. So it goes for many of the other stackable formats.<p>The benefits seem to far outweigh the drawbacks. As an example, look at the concept behind ext[234]fs migration in btrfs (which is not fixed to block 0 in a volume)–Take an ext4 filesystem, generate new inodes pointing at the original b-trees, and away you go! You get a filesystem that is valid ext4 (retaining the old data), and valid btrfs (which, being copy-on-write, doesn't destroy the old data.)
I also did the same with PE or ELF instead of Mach-O.<p>I recommend also checking my latest slides @ <a href="https://corkami.googlecode.com/files/44CON2013-Messing%20with%20binary%20formats.zip" rel="nofollow">https://corkami.googlecode.com/files/44CON2013-Messing%20wit...</a> where the 'inception' slides contain the PDF slides and the actual PDF viewer Sumatra, and an alternate PDF to be viewed under Chrome ;)
BTW, if you're interested, Ange also built a really awesome pair of posters on the Windows PE binary format for you to print out:<p><a href="https://code.google.com/p/corkami/wiki/PE101" rel="nofollow">https://code.google.com/p/corkami/wiki/PE101</a><p><a href="https://code.google.com/p/corkami/wiki/PE102" rel="nofollow">https://code.google.com/p/corkami/wiki/PE102</a>
Ange was at 44CON[1] this month and did a great talk about Windows PE binary formats. He also ran a workshop on the PE binary format. Awesome guy to talk to, just make sure you don't have any fez's lying around ;)<p>[1] - <a href="http://www.44con.com/" rel="nofollow">http://www.44con.com/</a>
ELF and PE hybrid<p><a href="http://stackoverflow.com/a/2083161/41948" rel="nofollow">http://stackoverflow.com/a/2083161/41948</a><p>Now someone could just add Mach-O to it...
Is it possible to do the (somewhat) simpler (in concept, not process) task of making gif or png that is also a valid HTML file? It might be kind of tricky given they both have magic numbers at the head...but perhaps there is some way to trick a browser into ignoring the "garbagey" bits?
I remember that the NE executable files had hardly any virus I always wondered why?
Is it the format or the fact that they where not used that much (due to the short presence of Win3)?