Images carrying an encrypted data payload

encrypted-data-image

This is a tidy looking banner image. But according to [Ian] it contains 52KB of source code. You can’t just read out all of that data. Well, you can but it will be gibberish. Before hiding the bits in plain sight he encrypted them with two different keys.

He’s using AES-256 encryption to keep his data away from prying eyes. But if that wasn’t enough, he also wrote a PHP program to hide the bits in a PNG image. Not just any picture will do (otherwise your eye will be able to see something’s awry). The post linked above focuses mainly on how to choose an image that will hide your data most easily. We asked him if he would share his techniques for actually merging the encrypted file with the picture and he delivered. Head on over to his repository if you want to take a look at the generator code.

Dissecting a firmware image

dissecting-a-firmware-image

[Leland Flynn] did a great job of picking apart the firmware image for a Westell 9100EM FiOS router. Unfortunately he didn’t actually find the information he was looking for. But he’s not quite done poking around yet either. If you have never tried to make sense of an embedded Linux firmware image this serves as a great beginner’s example of how it’s done.

He was turned on to the project after port scanning his external IP and finding a random login prompt which he certainly didn’t set up. Some searching led him to believe this is some kind of back door for Verizon to push automatic firmware updates to his router. He figured why not see if he could yank the credentials and poke around inside of the machine?

He started by downloading the latest firmware upgrade. Running ‘hexdump’ and ‘strings’ gives him confirmation that the image is based on Linux. He’s then able to pick apart the package, getting at just the filesystem portion. His persistence takes him through extracting and decompressing three different filesystems. Even though he now has access to all of those files, broken symlinks meant a dead-end on his login search.

Dumping a C64 kernel

[Blark] picked up a couple of Commodore 64 machines on Craig’s List so that he could play around with the SID chips inside. But there’s some other fun stuff in there and his attention was drawn to the PROM which stores the kernel. He thought it would be a fun adventure to build a ROM dumper capable of storing binary images.

In the video after the break you can see that when powered up the dumper immediately starts streaming hex values to the terminal. The system is set up to feed a Python script which packs the data stream into an image file. The reading is done by a PIC 18F4520, streaming the data in at 9600 baud with a generous delay between each address read to get the cleanest read possible. He had a bit of help from the AVR Freaks to get to this point.

We’d guess he’s going to pull the image off the chip several times and compare results to filter out any possible data corruption. From there we’re not sure what he’ll do with the files but there’s always the possibility of making is own emulator using this kernel image.

[Read more...]

Cat door unlocks via facial recognition

Faced with critters trying to get in and a cat that loved to show them her latest kill, the folks at Quantum Picture came up with a system that unlocks the cat door based on image recognition. As you can see above, it uses a camera to capture the profile of anything approaching the cat door. That image is compared to stored positive identification sets, making up a feline positive identification protocol. Don’t think this is necessary? In the writeup there’s a couple of images showing the outline of a skunk. Sounds like this system is a necessity.

We wonder if this lucky cat also has an Internet enabled cat feeder?

[Thanks Stephen]

Follow

Get every new post delivered to your Inbox.

Join 94,503 other followers