Recent in Forensics:
- Cuckoo Sandbox – Automated Malware Analysis System
- Web Application Log Forensics After a Hack
- CapTipper – Explore Malicious HTTP Traffic

Related Posts:

Most Read in Forensics:
- NetworkMiner – Passive Sniffer & Packet Analysis Tool for Windows - 66,479 views
- raw2vmdk – Mount Raw Hard Disk (dd) Images As VMDK Virtual Disks - 34,471 views
- OpenDLP – Free & Open-Source Data Loss Prevention (DLP) Tool - 29,764 views

Malwarebytes Anti-Exploit Premium | 1 Year 1 PC for $24.95


13 Responses to Metagoofil 1.2 – Metadata Extractor Tool

  1. Sandeep Nain October 26, 2007 at 6:31 am #

    Thanks for sharing this with us Darknet.
    its portability to OSX is kool

    It reminds me of another Metadata Extraction Tool developed by National Library of New Zealand to programmatically extract preservation metadata from a range of file formats like PDF documents, image files, sound files Microsoft office documents, and many others…
    This tool is open source…

  2. dre October 28, 2007 at 1:41 am #

    @Sandeep: do you have more information about that tool? Location?

    I’m also familiar with an earlier tool called The Revisionist, which only works for Word – but it has many hooks that I’d like to see make it into another revision of Metagoofil.

    The tool was written by Michel Zalewski and he demonstrates how ot use it here on his website.

  3. dre October 28, 2007 at 2:07 am #

    There is a hilarious story about a Firefox developer’s business card from this past BlackHat USA 2007. RSnake posted a picture of the card, but failed to remove the underlying EXIF metadata. Thus, any skilled person could glean the striked-out phone number on the card. I’m surprised I didn’t hear too many people talking about this blunder, but it was covered in detail on Giorgio Maone

  4. AndyN October 28, 2007 at 10:31 pm #

    Hiya, here’s some more info on the Metadata Extraction Tool developed by National Library of New Zealand.

  5. Sandeep Nain October 29, 2007 at 12:15 am #

    Thanks AndyN for posting the link. Otherwise I would have to google it.

    There you go dre.

    This link will giveyou each and every detail you may require about the tool. This page also has a link to the sourforge project where you can download the complete code for this project.

    FYI, This tool works for MS Word2,MS Word 6, Word Perfect, OPen office, MS Works,Excel, Powerpoint , Tiff, JPEG, WAV, MP3, HTML, PDF, GIF and BMP.

    and this tool supports Windows and *nix OS

  6. Sandeep Nain October 29, 2007 at 1:02 am #

    @dre, Thnks for sharing this article. its funny that someone like RSnake can make such a mistake.. well im sure he would have done this knowingly to play a prank.

    You can find thousand’s of pictures on networking websites like orkut, where people upload their original pics with slight modification (such as hiding their faces with rectangles) and assume that nobody will be able to recognise them. Needless to say that 99.9% don’t remove the metadata from the images.

  7. fazed October 30, 2007 at 4:43 pm #

    nice!
    this could be useful during a security test
    during the enumeration period. It may also
    be useful for beating very simple CAPTCHA’s

    @sandeep
    nice idea! must check this out sometime.
    you could also use this to remove blanked out
    usernames and passwords in images then?

  8. dre October 31, 2007 at 6:28 am #

    when i took my picture on orkut, there will be no metadata left to find me because i used the physical properties of the camera to prevent my eyes and above from showing

  9. Sandeep Nain October 31, 2007 at 6:52 am #

    @dre, you are one of the smart one’s. Usually people click pictures for their personal use and then modify them to upload while uploadin them to orkut etc.

    and you clicked a picture specifically for that purpose… it makes sense.. :)

  10. dre October 31, 2007 at 7:07 am #

    well now they have that facial recognition software stuff…

  11. Sandeep Nain October 31, 2007 at 9:30 am #

    Who has the facial recognition stuff? are you talking about Google? Is it integrated to orkut? Sorry I didnt get you?

    I don;t think there is any people networking website whihc comes wth facial recognition software.. and i dont think its needed at all.

    moreover it will be intruding someone’s privacy

  12. Sir Henry December 14, 2007 at 7:13 pm #

    Has anyone here seen the article about un-swirling the swirl filter in PS? That is scary for anyone who has posted to Orkut or anywhere else thinking that they won’t be recognized. But, this tool sounds wicked cool. I love it when people leave the metadata in place when they otherwise wish to remain anonymous.

Trackbacks/Pingbacks

  1. Eina: Metagoofil 1.2 * Quands.cat - January 8, 2008

    […] Metagoofil