JPEG metadata viewing tool (incl GPS location)

Okay, so the other day I bumped into this tweet which introduced me to this nifty tool called JPEG snoop by Calvin Hass. [Virustotal Scan Link]

It basically allows you to upload an image and check its structure including the EXIF headers where the image metadata is stored. This also includes GPS location data with the syntax {degrees, minutes, seconds} for the latitude and the longitude reference.

You can take this data and plug it into this GPS coordinates site to get the actual location mapped onto Google Maps. A cool project idea would be to integrate the tool and the module on this site to allow users to get the location where a picture was taken at the click of a button, thereby making it much easier for investigators in DFIR to get their job done.

*the above shared data/information is only to be used for educational purposes

Demo Video

Comments

Password Cracking: RainbowCrack table generation, sorting and usage

I had to do this demo after one of my students asked for my assistance regarding how to use this tool. Usually, I just assign different tools to them individually depending on the aspect of penetration testing we are covering (session hijacking, vulnerability scanning, etc) and then tell them to submit a report and a video demo of how the tool is used. Anyway, after a brief one-to-one discussion I realized the student had actually done the research on how rainbow tables operate (above and beyond the material in the lecture slides) so I figured that if he was here asking for assistance, he genuinely needed it. The tool is available at the RainbowCrack site. A detailed description of this nifty tool can also be found here . So, firstly I had to generate the rainbow tables. The command line syntax is: rtgen hash_algorithm charset plaintext_len_min plaintext_len_max table_index chain_len chain_num part_index where: hash_algorithm Rainbow table is hash algorithm sp...

Malware Analysis: A Python Malware on campus 1

So a few weeks back after a class I'd taken with them, a number of my students told me of a particular malware that was affecting students' computers, in particular, computers running Windows OS. According to them, if you tried to open a folder that was residing on the USB stick with the malware, the malware would delete some of your files and convert folders into executable files. Granted, the likelihood of a random folder miraculously transforming into a single executable file was kinda "out there" but I figured I'd check it out and use that as a teaching moment for those interested in venturing into malware analysis. So I tasked them to bring me a sample of the malware so I could take a look at it and maybe figure it out. I advised one of them to download DumpIt and then extract the memory dump from an infected computer using a clean flash disk and then bring it to me. How do you do this exactly? here's how: Download DumpIt . It's a portable...

It is not too late to start taking BYOD security seriously

A number of studies have shown that the benefits that come along with a Bring Your Own Device (BYOD) policy are multiple when it comes to improving efficiency of employees. On the basis of these studies, many organizations across the globe proceeded to implement this policy but not all of them managed to carefully consider the impact such a policy would have on the cybersecurity of the organization itself. With BYOD, you basically allow employees to bring their own devices (such as laptops) to work and connect to the company’s internal network so they can access organizational resources. It also tends to allow said employees to take the devices home and in some cases, get remote access tools installed on the personal devices to allow them to connect to the same internal organizational resources while they are not on site. As you can imagine, the benefits are quite numerous, but as cybersecurity experts, what we naturally tend to look for are weak spots in such policies and h...

Robsec

Search This Blog