After a long week with rain almost everyday, our tips and trick today will talk about Information Gathering From Photos Using ExifTool.
Many people nowadays more sensitive with the new technology especially when it was related with picture. We can see Instagram, Pinterest, and many other service that give free service to upload your photos and share with others. Many camera brand now put and bundled a lot of latest technology such as GPS into the camera to make the people who use it more sociable and they can share it as soon as they captured the moment.
Information gathering is one of Reconnaissance process from 5 hacking phase. What is Reconnaissance? According to Wikipedia:
Reconnaissance is the military term for exploring beyond the area occupied by friendly forces to gain vital information about enemy forces or features of the environment for later analysis and/or dissemination.
In this tips and trick we will use the tool that already included on Backtrack or Kali Linux called ExifTool.
ExifTool is a platform-independent Perl library plus a command-line application for reading, writing and editing meta information in a wide variety of files
1. A photos
2. ExifTool (http://www.sno.phy.queensu.ca/~phil/exiftool/)
1. I try the following this tips and trick on Kali Linux. This is the preview when we run ExifTool.
2. For the next step we can try to provide some JPG to test this ExifTool.
If we see the image, there is some nice information such as "Apple computer", probably they use Apple products (iPad, iPhone, Mac, etc).
3. If we see the metadata information results on step 2 was not clear enough. Now we try to find out another picture with more detailed information.
On this picture we can see the GPS information or the location from the photos.
4. After check the GPS positions location on Google map, here is the result.
1. The advantage using the latest technology such as GPS in your camera is to track the place you've already go and you don't need to remind "where was this photo taken from?"
2. The disadvantage using the latest technology such as GPS in your camera is the malicious user or people can read your image metadata information and track your location based on your GPS location position.
3. Turn off the GPS Geotag feature when you take picture using your smartphone.
4. Remove or modify EXIF data from photos using tools such as jhead.
You can check your personal image online by using one of our tool in this page: Image Metadata Parser With GPS Location
hope it useful 🙂