Extracting Hidden files from a JPG



  • I have a JPG file that is unusally large, I did some checks according to this thread, and it appears there are indeed files hidden within this jpg. How can I extract the files out of there via terminal?

    https://superuser.com/questions/803225/how-to-find-detect-hidden-files-inside-jpeg-file



  • Pretty cool.



  • @scottalanmiller said in Extracting Hidden files from a JPG:

    Pretty cool.

    That post shows how to find out if their is extra data, but I am unsure how to extract it 😕



  • It's not just jpeg files, it's in most, if not all, image formats.
    Ordinary files from a camera has metadata and several other blocks of info inside the jpeg, for instance preview images and whatnot.

    Tools like exiftool can be used to extract and write these.

    Just to clarify, you can hide anything kind of data inside the metadata. The format of the jpeg file is more like a file format with different blocks of info and some of that is the actual image information. Some of the other information is for instance the exif data which gives info on when the image was taken, which camera was used, exposure information. There are typically also color profiles inside the jpeg. They tell how the computer or printer should interpret the colors inside the image.



  • @Pete-S said in Extracting Hidden files from a JPG:

    It's not just jpeg files, it's in most, if not all, image formats.
    Ordinary files from a camera has metadata and several other blocks of info inside the jpeg, for instance preview images and whatnot.

    Tools like exiftool can be used to extract and write these.

    Just to clarify, you can hide anything kind of data inside the metadata. The format of the jpeg file is more like a file format with different blocks of info and some of that is the actual image information.

    Any file that has an internal stop code where you can just append anything you want and it gets ignored by apps using the original file.



  • @scottalanmiller said in Extracting Hidden files from a JPG:

    @Pete-S said in Extracting Hidden files from a JPG:

    It's not just jpeg files, it's in most, if not all, image formats.
    Ordinary files from a camera has metadata and several other blocks of info inside the jpeg, for instance preview images and whatnot.

    Tools like exiftool can be used to extract and write these.

    Just to clarify, you can hide anything kind of data inside the metadata. The format of the jpeg file is more like a file format with different blocks of info and some of that is the actual image information.

    Any file that has an internal stop code where you can just append anything you want and it gets ignored by apps using the original file.

    It's not exactly the same thing because the jpeg file format is made for this. It's not a hack, it's deliberate.



  • I figured it out 🙂 . I was able to extract the jpg to IMG file. Then I was prompted for a password. I found that the password was actually in the hexdump of the JPG file.

    00c50e0e-81ae-4388-b33b-a4e704d74ee8-image.png



  • @scottalanmiller said in Extracting Hidden files from a JPG:

    @Pete-S said in Extracting Hidden files from a JPG:

    It's not just jpeg files, it's in most, if not all, image formats.
    Ordinary files from a camera has metadata and several other blocks of info inside the jpeg, for instance preview images and whatnot.

    Tools like exiftool can be used to extract and write these.

    Just to clarify, you can hide anything kind of data inside the metadata. The format of the jpeg file is more like a file format with different blocks of info and some of that is the actual image information.

    Any file that has an internal stop code where you can just append anything you want and it gets ignored by apps using the original file.

    The compression algorithms are subject to this sort of thing as well. You can embed information within the pixel data. Much easier to just attach a file to the metadata tho.



  • @IRJ said in Extracting Hidden files from a JPG:

    I figured it out 🙂 . I was able to extract the jpg to IMG file. Then I was prompted for a password. I found that the password was actually in the hexdump of the JPG file.

    00c50e0e-81ae-4388-b33b-a4e704d74ee8-image.png

    private key password too?

    This a malicious payload for a crypto?



  • @JaredBusch said in Extracting Hidden files from a JPG:

    @IRJ said in Extracting Hidden files from a JPG:

    I figured it out 🙂 . I was able to extract the jpg to IMG file. Then I was prompted for a password. I found that the password was actually in the hexdump of the JPG file.

    00c50e0e-81ae-4388-b33b-a4e704d74ee8-image.png

    private key password too?

    This a malicious payload for a crypto?

    It was a challenge we had. First person to capture the flag got to keep contents of the wallet. I was first one to figure it out on our team.

    It was only a few USD, but a fun little treasure


Log in to reply