Hello and welcome back guys.👋👋
From now on we are going to start our bug hunting series again. I will provide my insights and learning with you as I learn and practice them. So let us start without any delay.
Today we are going to learn about EXIF Geo-location. How many types are present and how to find one? First, let us learn what exactly is this vulnerability.
What is EXIF
EXIF is short for Exchangeable Image File. A photo’s EXIF details contain a lot of information about the camera, when it was taken, and where it was taken(GPS coordinates). So if you are sharing this information you are giving away a lot of information to the one who is interested.
When you are taking a photo, it is usually stored in a file (most probably JPG, PNG formats) in the memory. Along with the pixels of the image, it also saves some metadata that contains information about the camera type, date, time, location, and other settings of the camera.
So if the device from which you have taken the photo has GPS available then the metadata would also have the Geo-location of the photo. You can also strip this information by yourself but that is not part of our discussion. The location of any person or object or image is something that is personal and nobody wants others to know about them. So the same applies to the images we use or upload to the website. We don’t want to give away the information about the location of these images as it can lead to some serious issues.
So we strip this data before we upload the images to the website, so it cannot be seen or used for any advantage by malicious attackers. The two types we earlier discussed were
If the information of the image is directly available on the website for everyone (P3).
If the information of the image is directly available on the website for just you (P4).
Let us learn a bit more about them in detail.
If you have uploaded an image and its information is seen by everyone, i.e. not just you but anyone who has access to the website then it is a P3 vulnerability according to Bug crowd.
And the second one is if you can see the information of the image just for yourself, then it comes under P4 vulnerability.
The information can be of any image, be it the image of the website itself or the image we upload. Any information on any image is a security issue.
How to find this Information
There is a website http://exif.regex.info/exif.cgi where you can check for the EXIF information of any image. Just open the website and paste the URL of the image or browse one from your system and click on the View information button to see if there is any EXIF info available. If you see any information about the location when it is taken or any personal information then YES the image has EXIF information attached to it.
So we have to make sure that no image has EXIF information be it the one of the website or the one we upload. For the one, we upload the website should strip out the information before making it visible to other users. So just practice and see if you can find out any!!!
That’s all from my side today and catch you up again in the next post. I would love to hear your feedback and improve myself. Check out my Instagram to get more updates and tricks.
Till then take care and Happy Hacking!!!👋👋
コメント