Any actions and or activities related to the material contained within this Website is solely your responsibility. The misuse of the information in this website can result in criminal charges brought against the persons in question. Cyber Security Associates Limited, will not be held responsible for any criminal charges brought against any individuals misusing the information in these projects to break the law.
Please ensure you are using the latest SD Card image which is available here.
This project aims to provide an insight as to how metadata is connected to different file types and how it can be extracted and analysed.
The term metadata and “big” data has become a popular buzzword in the last 5 years, this is the data that is connected and describes other types of data. The reason this information is created and collected is because it usually is much smaller than saving a larger file and more information can be stored and processed as a result. Usually, metadata contains the most vital information about a file which can include the file type, the original file size, the creation device, creation date and potentially GPS data. It is not just large organisations that collect metadata, it can be used in the reconnaissance phase of “ethical” hacking to discover more personal details about a target and provide an insight as to how they use their technology and information.
Exchangeable Image File (EXIF) format provides information about different types of files; specifically, image files, sound files and other standard file types like pdf. The information that is contained in this type of metadata indicates the file type, creation date, device manufacturer, device model, details about the image and possibly the GPS location the image was taken at. If it is possible to extract GPS locations from a picture it is possible to tag specific targets together with events and locations. This is very valuable information for potential social engineering attacks, focused on specific activities for individual targets. For example, if a target is interested in a specific hobby, e.g attending a gym and they take photographs at the gym, an attacker could create a specific email for that individual focused on discount gym products and even craft the email as though it was coming from their gym – all from aligning the GPS of the photographs to the target. Hence, information that is posted onto social media seems quite innocent, but it can be used against any of us in the right context. The 2007 story of the Apache helicopters being destroyed following the identification of their location through tagging of photographs was a much more severe lesson that has resulted in the American military services banning all mobile devices in an active warzone (luckily the British forces already had this protocol in place).
The EXIF data is saved in a standard format so any EXIF extractor can remove the information. The tool used in this project presents all the data that is possible to extract in the Command Line Interface (CLI). Exiftool will also extract metadata from different file types (eg PDF files) as there is metadata created and attached to these types of files. The information that is connected to to these file types include: creation date, the file author, page count and a selection of keywords. This allows databases to categorise images, sounds and files by matching the information that is found in the metadata and then is able to create links to these files instead of having to scan through the entire file (which is very processor heavy) and “try” to categorise it on its own.
Suggested Year Group
This project is designed to be completed by students over the age of 13. A basic understanding of how computers store data and what metadata is would be ideal before attempting this project.
Stress the explicit nature of the disclaimer on the student worksheet;
Instruct the to what data is and its connection to metadata;
Introduce what EXIF data is and what kinds of files it is typically related to;
Provide the students time to practice with exiftools and extract EXIF data from the sample files.
Component Number (Peli Case)
(Base) 4 & 5
(Level 1) 3
(Level 1) 3
(Level 1) 3
(Level 1) 5
(Level 1) 1
Component Number (Box Case)
Raspberry Pi + Case
Kali SD Card
Power Supply Unit
Stress to the students that this project is for educational purposes only, and that this information should not be used outside the classroom and should NEVER be used for malicious purposes. There is metadata connected to nearly every piece of data out there in some form, this is how “big” data has become more popular and is able to collect more information about how data is used and how the users are using that data. In “ethical” hacking this information provides valuable insight to a target and can provide details that are very difficult to find in any other format.