During a computer science class today, we were talking about embedding code and metadata in jpg and bmp files. @exvacuum was showing off a program he wrote that watched a directory for new image files, and would display them on a canvas. He then showed us a special image. In this image, he had injected some metadata into the last few pixels, which were not rendered, but told his program where to position the image on the canvas, and it’s size.
This demo got @hyperliskdev and I thinking about what else we can do with image data. After some talk, the idea of converting application binaries to images came up. I had seen a blog post about visually decoding OOK data by converting an IQ capture to an image. With a little adaptation, I did the same for a few binaries on my laptop.
Like all ideas I have, I wrote some code to test this idea out. Above is a small sample of the interesting designs found in the gimp binary. The goals for this script were to:
If you would like to see how the code works, read “check out the script”.
# Assuming l is a list of data, and n is an int that denotes the desired split location for i in range(0, len(l), n): yield l[i:i + n]
Unlike photos, binaries are not generated from rectangular image sensors, but instead from compilers and assemblers (and sometimes hand-written binary). These do not generate perfect rectangles. Due to this, my script simply removes the last line from the image to “reshape” it. I may end up adding a small piece of code to pad the final line instead of stripping it in the future.
I also looked at other file types. Binaries are very interesting because they follow very strict ordering rules. I was hoping that a
wav file would do something similar, but that does not appear to be the case. This is the most interesting pattern I could find in a
Following up my previous post with a tiny segment of an audio file. This one is little less interesting pic.twitter.com/u9EFloxnK5— Evan Pratten (@ewpratten) September 11, 2019
Back to executable data, these are small segments of a
This script is hosted on my GitHub account as a standalone file. Any version of python3 should work, but the following libraries are needed:
Thank you for reading this post. If you enjoyed the content, and want to let me know, or want to ask any questions, please contact me via one of the methods listed here. If you would like to be notified about future posts, feel free to load my rss feed into your favorite feed reader, or follow me on Twitter for notifications about my work and future posts.
If you have the time to read some more, I recommend checking out one of the following posts: