Re: How do you guys handle PNG/JPG binary files with potential payloads for all the image viewers?
Corey H wrote:
> how do you guys test all of the potential PNG/JPG potential malware payloads
to check any file for potential malware you can use:
chkrootkit
rkhunter
but you can also try with:
binwalk <- detect/extract binary data in files
strings <- to detect strings in the image/audio file
exiftool, exiv2 <- to detect metadata
but in image/audio files you can also hide information with steganography[¹]
you can try with:
stegcracker
stegosuite
foremost
I have read that you can determine if an image file has hidden content or not,
but I don't know if there is software that does only this check. Probably with
histogram analysis[²] you can find suspected altered files.
You can start reading about steganalysis[³] and report the results here.
Ciao
Davide
[¹] https://en.wikipedia.org/wiki/Steganography
[²] https://en.wikipedia.org/wiki/Image_histogram
[³] https://en.wikipedia.org/wiki/Steganalysis
--
My Privacy is None of Your Business
https://noyb.eu/it