Description: Note:
After uploading a picture the album can be shared to everyone
The abused website can't control the hidden embedded file
Someone could share music, documents ,some other things abusing space storage
Credits
The original article was written by Antoine Santo
antoinesanto[at]yahoo.com
Tags: embed , jpg , mp3 , encode , upload , decode ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Nice idea.
To mitigate this fault, the image hosting server should just re-encode all images at 99% quality and strip EXIF data. Your data would then be lost. This is possible with ImageMagick plugins and exiftool, both of which have many web script bindings. This would stop embedding both in exif data (which is REALLY basic) and more advanced stegano tactics like hiding data in larger or multiple images with modify by 1 a single value for each pixel. Check outgess for the latter technique(available via apt-get or compiled on multiple platforms).
nice video.........thanks
Seems that some websites keep the EXIF data of the original image
http://cid-450773ec27f3011e.photos.live.com/self.aspx/foo/honey02.jpg
thanks for the steps. Can u give me a tip? I had to manually use vi to remove compiler data from the photo in order to uudecode song.uue, deleted up to "begin", what's a better way to do this?
This should solve your problem
dd if=honey02.jpg of=honey02.uue bs=1 skip=9107 && uudecode honey.uue
Then you will have a file called song1.mp3
Seems that you need to remove (9107 Bytes) of header to get the data back
Screenshot
http://img690.imageshack.us/img690/7194/screenshotpja.png
Here is the right code , i mess up
dd if=honey02.jpg of=honey02.uue bs=1 skip=9107 && uudecode honey02.uue
Right, so on my file i had to skip 9107 bytes of code, on your 24. Is there a command or a quick way to determine how many bytes need to be skipped per file, maybe something with "some command" skip all text before "begin base64". idk
I made this script in python , it should work
http://sprunge.us/GITV
Usage: python showbyte.py yourfile