Social Icons

Showing posts with label anti forensics. Show all posts
Showing posts with label anti forensics. Show all posts

Sunday, January 31, 2021

REMOVE METADATA FROM IMAGES: UBUNTU with exiftool utility

Just few commands in Ubuntu to check the meta data and thereafter remove the same.I am using a utility exiftool which does not come inbuilt to most of the Linux systems,but we need to install them.

INSTALL COMMAND

sudo apt-get install libimage-exiftool-perl

USAGE COMMAND

exiftool -all= IMG_20200504_215424.jpg

(The above command creates a separate copy of the original file and the new file which is created with removed metadata)

or

exiftool -overwrite_original -all= IMG_20200504_215424.jpg 

(The above command overwrites the original file with the new file created with removed metadata)

Showing you output of one file prior to removal of meta data and thereafter removing the meta data

ORIGINAL FILE

kabali@Kabali:~/Desktop/ddd$ jhead IMG_20200504_215424.jpg
File name    : IMG_20200504_215424.jpg
File size    : 3588382 bytes
File date    : 2021:01:31 14:10:13
Camera make  : Xiaomi
Camera model : Mi A2
Date/Time    : 2020:05:04 21:54:24
Resolution   : 4000 x 3000
Orientation  : rotate 90
Flash used   : No
Focal length :  4.1mm  (35mm equivalent: 4mm)
Exposure time: 0.050 s  (1/20)
Aperture     : f/1.8
ISO equiv.   : 1000
Whitebalance : Auto
Metering Mode: center weight
GPS Latitude : ? ?
GPS Longitude: ? ?
JPEG Quality : 98

REMOVED METADATA FILE

kabali@Kabali:~/Desktop/ddd$ jhead IMG_20200504_215424.jpg

File name    : IMG_20200504_215424.jpg
File size    : 3556853 bytes
File date    : 2021:01:31 14:30:08
Resolution   : 4000 x 3000
JPEG Quality : 98


 

Sunday, July 05, 2015

Whatsapp Chat History : How to avoid chat backing up?

1.    WhatsApp has been one of the revolutionary social networking application on the lines of various past hits like Facebook,one time orkut etc and today has a huge user base in billions exchanging all kinds of official,unofficial,personal chat kind of communications.Off course keeping a backup of all these chats is sometimes essential and in few cases for whatever reasons of the user base it is not required....the users wanna refrain from backing up anywhere any kind of history..no tell tale signs to be recovered...Although I have seen people ensuring themselves deleting the chat as it happens but that’s not a technically sound way to ensure nothing is being backed up

2.   For those who want to ensure a back up ...Daily at 0400 am the Whatsapp Auto backup is taken by the app itself so no need to worry for this and if you switch off or activate flight mode at night then one might need to take manual backup.For those who do not want any backup , a simple procedure as shown below will ensure a blank backup.

3.   Goto your Android application screen and search for MyFiles :

Choose the location where you have the default whatsapp files..in my case the default saving location is internal sd card.Click this and you look for the Whatsapp folder.

Further go inside Whatsapp folder and look for Databases....delete every thing inside this before 0400 cycle comes again.That should work....here the 0400 cycle backups the entire thing but defacto there is nothing to upload and backup.



Saturday, April 20, 2013

Self Destructing E Mails : Receiver reads them only Once

1.   It has always remained a question for typical email users like u and me of how to send a self destructing E-Mail...an email that is read once and destroyed that moment like how about your office messages with vendors or love mails with your present Girl Friend/Boy Friend or u can imagine situations for such requirements....

2. Earlier it had been the disposable email solution and now there are many solutions that offer this particular requirement of Self Destructing E Mails.Below are few such sites and solutions :

http://www.self-destructing-email.com/

Offers free trials last for two weeks or 25 emails (whichever comes first) and u need to register with it.It lets you decide what happens to your email after sending.

https://privnote.com/


Privnote is a free web based service that allows you to send top secret notes over the internet. It's fast, easy, and requires no password or user registration at all.

Just write your note, and you'll get a link. Then you copy and paste that link into an email (or instant message) that you send to the person who you want to read the note. When that person clicks the link for the first time, they will see the note in their browser and the note will automatically self-destruct; which means no one (even that very same person) can read the note again. The link won't work anymore.(Courtesy : https://privnote.com/ )


http://www.destructingmessage.com/

DestructingMessage.com is a free service which enables you to send a self-destructing message to someone. This means, once they read the message they will no longer be able to read it again after the timer has reached zero. This ensures your message is read by no one but the reader and all evidence of the message is erased. Messages are also anonymous unless you add any identifiable information to your message.(Courtesy : http://www.destructingmessage.com/)

https://oneshar.es/

-  Uses HTTPS (SSL; Port 443) to encrypt the data from your web browser to our servers.

-  All data is stored encrypted.
-  When someone views the unique URL that you send them; your encrypted message is deleted from our system.
-  The datacenter maintains the latest security updates and patches on our server.
-  Google Analytics is used on our site for web analytics.

Tuesday, October 11, 2011

HIBERNATION MODE : HOW SAFE FOR YOU?

1. How often while using your PC u use the hibernation mode?I am sure that after reading the text below u r hardly going to use it owing to the serious compromise of your info of what you do and when you do ?

2. Ok…what do we mean by hibernation mode?......it simply means that via using this mode we are basically creating a snapshot of the contents of the computers RAM which is then saved to the root of the hard drive as “hiberfil.sys”!!!!This would now mean that the then current running applications and other data in RAM will be written to the hard disk.

3. For example, if we went into the hibernation mode with our browser still open…..then textual strings such as the last Google search performed or text from an open web page will be written to hard drive as the computer “hibernates”.

4. The Windows hiberfil.sys also become an issue while using encryption software such as TrueCrypt. If a Windows system is placed into hibernation mode without unmounting encrypted containers or volumes then the encryption keys used to access these containers will likely be left in RAM in plain-text. RAM will then be saved to the hard drive in the hiberfil.sys. This means that we will be leaving the keys (passwords) to all of your private containers and volumes free for the finding.

5. Ok…..if at all we get hold of the hiberfil.sys…is it going to be that easy to read all that hex dec info?...no certainly not…here come sandmen project for assistance….now whats SANDMEN PROJECT….pls google….in short it is a library which assists in parsing data from the hiberfil.sys.

Disable Hibernation mode on Windows XP:
• Right-click empty area on desktop
• Choose “Properties”
• Select the “Screen Saver” tab
• Click “Power…”
• Select the “Hibernate” tab
• Uncheck “Enable hibernation”

Disable Hibernation mode on Windows 7:

• Open “Control Panel”
• Click “Power Options”
• Click “Change plan settings” for you current power plan
• Click “Change advanced power settings”
• Expand “Sleep”
• Expand “Hibernate after”
• Enter “0″ for “Setting:” to set hibernate to “Never”

Powered By Blogger