bin
This commit is contained in:
parent
b5030bd739
commit
47cac0002a
_includes
_posts
_site
about
blog
documentation.htmlfeed.xmlfossl-feeds.htmlindex.htmlprojects.htmlassets/images
@ -82,4 +82,7 @@
|
||||
particlesJS.load('particles-js', '/assets/js/particles.json', function () {
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
54
_posts/2019-09-11-Buildingimgfrombin.md
Normal file
54
_posts/2019-09-11-Buildingimgfrombin.md
Normal file
@ -0,0 +1,54 @@
|
||||
---
|
||||
layout: post
|
||||
title: "Building images from binary data"
|
||||
description: "Simple, yet fun"
|
||||
date: 2019-09-11 12:41:00
|
||||
categories: python images
|
||||
---
|
||||
|
||||
During a computer science class today, we were talking about embedding code and metadata in *jpg* and *bmp* files. @SilasBartha was showing off a program he wrote that watched a directory for new image files, and would display them on a canvas. He then showed us a special image. In this image, he had injected some metadata into the last few pixels, which were not rendered, but told his program where to position the image on the canvas, and it's size.
|
||||
|
||||
This demo got @hyperliskdev and I thinking about what else we can do with image data. After some talk, the idea of converting application binaries to images came up. I had seen a blog post about visually decoding [OOK data](https://en.wikipedia.org/wiki/On%E2%80%93off_keying) by converting an [IQ capture](http://www.ni.com/tutorial/4805/en/) to an image. With a little adaptation, I did the same for a few binaries on my laptop.
|
||||
|
||||
|
||||
<!-- Tweet embed -->
|
||||
<blockquote class="twitter-tweet"><p lang="en" dir="ltr">I present: "Parts of <a href="https://twitter.com/GIMP_Official?ref_src=twsrc%5Etfw">@GIMP_Official</a>'s binary, represented as a bitmap" <a href="https://t.co/iLljdE4nlK">pic.twitter.com/iLljdE4nlK</a></p>— Evan Pratten (@ewpratten) <a href="https://twitter.com/ewpratten/status/1171801959197794304?ref_src=twsrc%5Etfw">September 11, 2019</a></blockquote>
|
||||
|
||||
## Program design
|
||||
Like all ideas I have, I wrote some code to test this idea out. Above is a small sample of the interesting designs found in the [gimp]() binary. The goals for this script were to:
|
||||
|
||||
- Accept any file of any type or size
|
||||
- Allow the user to select the file dimensions
|
||||
- Generate an image
|
||||
- Write the data in a common image format
|
||||
|
||||
If you would like to see how the code works, read "*check out the script*".
|
||||
|
||||
## A note on data wrapping
|
||||
By using a [generator](https://wiki.python.org/moin/Generators), and the [range function](https://docs.python.org/3/library/functions.html#func-range)'s 3rd argument, any list can be easily split into a 2d list at a set interval.
|
||||
|
||||
```python
|
||||
# Assuming l is a list of data, and n is an int that denotes the desired split location
|
||||
for i in range(0, len(l), n):
|
||||
yield l[i:i + n]
|
||||
```
|
||||
|
||||
### Binaries have a habit of not being rectangular
|
||||
Unlike photos, binaries are not generated from rectangular image sensors, but instead from compilers and assemblers (and sometimes hand-written binary). These do not generate perfect rectangles. Due to this, my script simply removes the last line from the image to "reshape" it. I may end up adding a small piece of code to pad the final line instead of stripping it in the future.
|
||||
|
||||
## Other file types
|
||||
I also looked at other file types. Binaries are very interesting because they follow very strict ordering rules. I was hoping that a `wav` file would do something similar, but that does not appear to be the case. This is the most interesting pattern I could find in a `wav` file:
|
||||
|
||||
<blockquote class="twitter-tweet"><p lang="en" dir="ltr">Following up my previous post with a tiny segment of an audio file. This one is little less interesting <a href="https://t.co/u9EFloxnK5">pic.twitter.com/u9EFloxnK5</a></p>— Evan Pratten (@ewpratten) <a href="https://twitter.com/ewpratten/status/1171883910827040774?ref_src=twsrc%5Etfw">September 11, 2019</a></blockquote>
|
||||
|
||||
Back to executable data, these are small segments of a `dll` file:
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
## Check out the script
|
||||
This script is hosted [on my GitHub account](https://github.com/Ewpratten/binmap) as a standalone file. Any version of python3 should work, but the following libraries are needed:
|
||||
|
||||
- Pillow
|
||||
- Numpy
|
||||
@ -204,7 +204,7 @@ sub rsa4096/0xA61A2F1676E35144 2019-08-11 [] [expires: 2025-08-09]
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -283,6 +283,9 @@ sub rsa4096/0xA61A2F1676E35144 2019-08-11 [] [expires: 2025-08-09]
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
|
||||
</body>
|
||||
@ -123,7 +123,7 @@ pip3 install tensorflow-gpu #for gpu processing
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -201,6 +201,9 @@ pip3 install tensorflow-gpu #for gpu processing
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -87,7 +87,7 @@
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -165,6 +165,9 @@
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -100,7 +100,7 @@
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -178,6 +178,9 @@
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -111,7 +111,7 @@
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -189,6 +189,9 @@
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -125,7 +125,7 @@
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -203,6 +203,9 @@
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -84,7 +84,7 @@ Your browser does not support audio players
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -162,6 +162,9 @@ Your browser does not support audio players
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -124,7 +124,7 @@
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -196,6 +196,9 @@
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -82,7 +82,7 @@
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -160,6 +160,9 @@
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -82,7 +82,7 @@
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -160,6 +160,9 @@
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -191,7 +191,7 @@ __<span class="o">()</span> <span class="o">{</span>/???/???/???n?f <span class=
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -269,6 +269,9 @@ __<span class="o">()</span> <span class="o">{</span>/???/???/???n?f <span class=
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -112,7 +112,7 @@
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -190,6 +190,9 @@
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -177,7 +177,7 @@
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -255,6 +255,9 @@
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -101,7 +101,7 @@
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -173,6 +173,9 @@
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -174,7 +174,7 @@
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -252,6 +252,9 @@
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -95,7 +95,7 @@
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -173,6 +173,9 @@
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -187,7 +187,7 @@
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -265,6 +265,9 @@
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -107,7 +107,7 @@
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -179,6 +179,9 @@
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -152,7 +152,7 @@ ibus-daemon <span class="nt">-drx</span>
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -224,6 +224,9 @@ ibus-daemon <span class="nt">-drx</span>
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -137,7 +137,7 @@ shift2 <span class="nt">-h</span>
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -209,6 +209,9 @@ shift2 <span class="nt">-h</span>
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -108,7 +108,7 @@ Starting from the top, scroll through, and middle click on anything you want to
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -186,6 +186,9 @@ Starting from the top, scroll through, and middle click on anything you want to
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -157,7 +157,7 @@ fn printMyNumber(MyClass* self){
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -235,6 +235,9 @@ fn printMyNumber(MyClass* self){
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -64,22 +64,22 @@
|
||||
Featured Post
|
||||
</div>
|
||||
<div class="card-body">
|
||||
<h5 class="card-title">Doing Python OOP the wrong way
|
||||
<h5 class="card-title">Building images from binary data
|
||||
|
||||
</h5>
|
||||
<p class="card-text">In the name of science!</p>
|
||||
<a href="/blog/2019/09/07/wrong-python" class="btn btn-primary">View</a>
|
||||
<p class="card-text">Simple, yet fun</p>
|
||||
<a href="/blog/2019/09/11/buildingimgfrombin" class="btn btn-primary">View</a>
|
||||
</div>
|
||||
</div>
|
||||
</div> -->
|
||||
|
||||
<a href="/blog/2019/09/07/wrong-python" class="list-group-item list-group-item-action">
|
||||
<a href="/blog/2019/09/11/buildingimgfrombin" class="list-group-item list-group-item-action">
|
||||
<div class="d-flex w-100 justify-content-between">
|
||||
<div class="card-body">
|
||||
<h5 class="mb-1">Doing Python OOP the wrong way
|
||||
<h5 class="mb-1">Building images from binary data
|
||||
|
||||
</h5>
|
||||
<p class="card-text">In the name of science!</p>
|
||||
<p class="card-text">Simple, yet fun</p>
|
||||
</div>
|
||||
</div>
|
||||
</a>
|
||||
@ -92,6 +92,21 @@
|
||||
|
||||
|
||||
|
||||
<a href="/blog/2019/09/07/wrong-python" class="list-group-item list-group-item-action">
|
||||
<div class="d-flex w-100 justify-content-between">
|
||||
<h5 class="mb-1">Doing Python OOP the wrong way</h5>
|
||||
<!-- <small>2019-09-07 09:13:00 -0400</small> -->
|
||||
</div>
|
||||
<p class="card-text">In the name of science!</p>
|
||||
</a>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<a href="/blog/2019/08/27/github-cleanup" class="list-group-item list-group-item-action">
|
||||
<div class="d-flex w-100 justify-content-between">
|
||||
<h5 class="mb-1">I did some cleaning</h5>
|
||||
@ -400,7 +415,7 @@
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -479,5 +494,8 @@
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -52,7 +52,7 @@
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -131,5 +131,8 @@
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -1,4 +1,51 @@
|
||||
<?xml version="1.0" encoding="utf-8"?><feed xmlns="http://www.w3.org/2005/Atom" ><generator uri="https://jekyllrb.com/" version="3.8.6">Jekyll</generator><link href="http://0.0.0.0:4000/feed.xml" rel="self" type="application/atom+xml" /><link href="http://0.0.0.0:4000/" rel="alternate" type="text/html" /><updated>2019-09-11T11:41:26-04:00</updated><id>http://0.0.0.0:4000/feed.xml</id><title type="html">Evan Pratten</title><subtitle>Computer wizard, student, <a href="https://frc5024.github.io">@frc5024</a> programming team lead, and radio enthusiast.</subtitle><entry><title type="html">Doing Python OOP the wrong way</title><link href="http://0.0.0.0:4000/blog/2019/09/07/wrong-python" rel="alternate" type="text/html" title="Doing Python OOP the wrong way" /><published>2019-09-07T09:13:00-04:00</published><updated>2019-09-07T09:13:00-04:00</updated><id>http://0.0.0.0:4000/blog/2019/09/07/wrong-python</id><content type="html" xml:base="http://0.0.0.0:4000/blog/2019/09/07/wrong-python"><p>If you know me, you probably know of the many weird things I do with python. Most recent of which being this <a href="https://en.wikipedia.org/wiki/Fizz_buzz">FizzBuzz</a> implementation in one line of python code:</p>
|
||||
<?xml version="1.0" encoding="utf-8"?><feed xmlns="http://www.w3.org/2005/Atom" ><generator uri="https://jekyllrb.com/" version="3.8.6">Jekyll</generator><link href="http://0.0.0.0:4000/feed.xml" rel="self" type="application/atom+xml" /><link href="http://0.0.0.0:4000/" rel="alternate" type="text/html" /><updated>2019-09-11T17:12:28-04:00</updated><id>http://0.0.0.0:4000/feed.xml</id><title type="html">Evan Pratten</title><subtitle>Computer wizard, student, <a href="https://frc5024.github.io">@frc5024</a> programming team lead, and radio enthusiast.</subtitle><entry><title type="html">Building images from binary data</title><link href="http://0.0.0.0:4000/blog/2019/09/11/buildingimgfrombin" rel="alternate" type="text/html" title="Building images from binary data" /><published>2019-09-11T08:41:00-04:00</published><updated>2019-09-11T08:41:00-04:00</updated><id>http://0.0.0.0:4000/blog/2019/09/11/Buildingimgfrombin</id><content type="html" xml:base="http://0.0.0.0:4000/blog/2019/09/11/buildingimgfrombin"><p>During a computer science class today, we were talking about embedding code and metadata in <em>jpg</em> and <em>bmp</em> files. @SilasBartha was showing off a program he wrote that watched a directory for new image files, and would display them on a canvas. He then showed us a special image. In this image, he had injected some metadata into the last few pixels, which were not rendered, but told his program where to position the image on the canvas, and it’s size.</p>
|
||||
|
||||
<p>This demo got @hyperliskdev and I thinking about what else we can do with image data. After some talk, the idea of converting application binaries to images came up. I had seen a blog post about visually decoding <a href="https://en.wikipedia.org/wiki/On%E2%80%93off_keying">OOK data</a> by converting an <a href="http://www.ni.com/tutorial/4805/en/">IQ capture</a> to an image. With a little adaptation, I did the same for a few binaries on my laptop.</p>
|
||||
|
||||
<!-- Tweet embed -->
|
||||
<blockquote class="twitter-tweet"><p lang="en" dir="ltr">I present: &quot;Parts of <a href="https://twitter.com/GIMP_Official?ref_src=twsrc%5Etfw">@GIMP_Official</a>&#39;s binary, represented as a bitmap&quot; <a href="https://t.co/iLljdE4nlK">pic.twitter.com/iLljdE4nlK</a></p>&mdash; Evan Pratten (@ewpratten) <a href="https://twitter.com/ewpratten/status/1171801959197794304?ref_src=twsrc%5Etfw">September 11, 2019</a></blockquote>
|
||||
|
||||
<h2 id="program-design">Program design</h2>
|
||||
<p>Like all ideas I have, I wrote some code to test this idea out. Above is a small sample of the interesting designs found in the <a href="">gimp</a> binary. The goals for this script were to:</p>
|
||||
|
||||
<ul>
|
||||
<li>Accept any file of any type or size</li>
|
||||
<li>Allow the user to select the file dimensions</li>
|
||||
<li>Generate an image</li>
|
||||
<li>Write the data in a common image format</li>
|
||||
</ul>
|
||||
|
||||
<p>If you would like to see how the code works, read “<em>check out the script</em>”.</p>
|
||||
|
||||
<h2 id="a-note-on-data-wrapping">A note on data wrapping</h2>
|
||||
<p>By using a <a href="https://wiki.python.org/moin/Generators">generator</a>, and the <a href="https://docs.python.org/3/library/functions.html#func-range">range function</a>’s 3rd argument, any list can be easily split into a 2d list at a set interval.</p>
|
||||
|
||||
<div class="language-python highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c1"># Assuming l is a list of data, and n is an int that denotes the desired split location
|
||||
</span><span class="k">for</span> <span class="n">i</span> <span class="ow">in</span> <span class="nb">range</span><span class="p">(</span><span class="mi">0</span><span class="p">,</span> <span class="nb">len</span><span class="p">(</span><span class="n">l</span><span class="p">),</span> <span class="n">n</span><span class="p">):</span>
|
||||
<span class="k">yield</span> <span class="n">l</span><span class="p">[</span><span class="n">i</span><span class="p">:</span><span class="n">i</span> <span class="o">+</span> <span class="n">n</span><span class="p">]</span>
|
||||
</code></pre></div></div>
|
||||
|
||||
<h3 id="binaries-have-a-habit-of-not-being-rectangular">Binaries have a habit of not being rectangular</h3>
|
||||
<p>Unlike photos, binaries are not generated from rectangular image sensors, but instead from compilers and assemblers (and sometimes hand-written binary). These do not generate perfect rectangles. Due to this, my script simply removes the last line from the image to “reshape” it. I may end up adding a small piece of code to pad the final line instead of stripping it in the future.</p>
|
||||
|
||||
<h2 id="other-file-types">Other file types</h2>
|
||||
<p>I also looked at other file types. Binaries are very interesting because they follow very strict ordering rules. I was hoping that a <code class="highlighter-rouge">wav</code> file would do something similar, but that does not appear to be the case. This is the most interesting pattern I could find in a <code class="highlighter-rouge">wav</code> file:</p>
|
||||
|
||||
<blockquote class="twitter-tweet"><p lang="en" dir="ltr">Following up my previous post with a tiny segment of an audio file. This one is little less interesting <a href="https://t.co/u9EFloxnK5">pic.twitter.com/u9EFloxnK5</a></p>&mdash; Evan Pratten (@ewpratten) <a href="https://twitter.com/ewpratten/status/1171883910827040774?ref_src=twsrc%5Etfw">September 11, 2019</a></blockquote>
|
||||
|
||||
<p>Back to executable data, these are small segments of a <code class="highlighter-rouge">dll</code> file:</p>
|
||||
|
||||
<p><img src="/assets/images/dll.png" alt="Segment 1" /></p>
|
||||
|
||||
<p><img src="/assets/images/dll2.png" alt="Segment 2" /></p>
|
||||
|
||||
<h2 id="check-out-the-script">Check out the script</h2>
|
||||
<p>This script is hosted <a href="https://github.com/Ewpratten/binmap">on my GitHub account</a> as a standalone file. Any version of python3 should work, but the following libraries are needed:</p>
|
||||
|
||||
<ul>
|
||||
<li>Pillow</li>
|
||||
<li>Numpy</li>
|
||||
</ul></content><author><name></name></author><summary type="html">During a computer science class today, we were talking about embedding code and metadata in jpg and bmp files. @SilasBartha was showing off a program he wrote that watched a directory for new image files, and would display them on a canvas. He then showed us a special image. In this image, he had injected some metadata into the last few pixels, which were not rendered, but told his program where to position the image on the canvas, and it’s size.</summary></entry><entry><title type="html">Doing Python OOP the wrong way</title><link href="http://0.0.0.0:4000/blog/2019/09/07/wrong-python" rel="alternate" type="text/html" title="Doing Python OOP the wrong way" /><published>2019-09-07T09:13:00-04:00</published><updated>2019-09-07T09:13:00-04:00</updated><id>http://0.0.0.0:4000/blog/2019/09/07/wrong-python</id><content type="html" xml:base="http://0.0.0.0:4000/blog/2019/09/07/wrong-python"><p>If you know me, you probably know of the many weird things I do with python. Most recent of which being this <a href="https://en.wikipedia.org/wiki/Fizz_buzz">FizzBuzz</a> implementation in one line of python code:</p>
|
||||
<div class="language-python highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="n">_</span><span class="o">=</span><span class="p">[</span><span class="k">print</span><span class="p">(</span><span class="s">"FizzBuzz"</span><span class="p">[</span><span class="n">_</span><span class="o">*</span><span class="n">_</span><span class="o">%</span><span class="mi">3</span><span class="o">*</span><span class="mi">4</span><span class="p">:</span><span class="mi">8</span><span class="o">--</span><span class="n">_</span><span class="o">**</span><span class="mi">4</span><span class="o">%</span><span class="mi">5</span><span class="p">]</span> <span class="ow">or</span> <span class="n">_</span><span class="p">)</span> <span class="k">for</span> <span class="n">_</span> <span class="ow">in</span> <span class="nb">range</span><span class="p">(</span><span class="mi">101</span><span class="p">)]</span>
|
||||
</code></pre></div></div>
|
||||
|
||||
@ -562,43 +609,4 @@ ibus-daemon <span class="nt">-drx</span>
|
||||
<p>Thats it! Super simple, and only two days from concept to reality.</p>
|
||||
|
||||
<h2 id="where-is-this-hosted">Where is this hosted?</h2>
|
||||
<p>This program is hosted on a raspberry pi laying in my room running docker. I also have <a href="https://www.portainer.io/">Portainer</a> set up so I can easily monitor the bot from my phone over my VPN.</p></content><author><name></name></author><summary type="html">Over the past year and a half, I have been hacking my way around the undocumented devRant auth/write API. At the request of devRant’s creators, this API must not be documented due to the way logins work on the platform. That is besides the point. I have been working on a little project called devDNS over the past few days that uses this undocumented API. Why must I be so bad at writing intros?</summary></entry><entry><title type="html">I had some fun with a router</title><link href="http://0.0.0.0:4000/blog/2019/06/27/pwnlink" rel="alternate" type="text/html" title="I had some fun with a router" /><published>2019-06-27T13:16:00-04:00</published><updated>2019-06-27T13:16:00-04:00</updated><id>http://0.0.0.0:4000/blog/2019/06/27/PWNlink</id><content type="html" xml:base="http://0.0.0.0:4000/blog/2019/06/27/pwnlink"><p>I was playing around with some D-link routers today and remembered an <a href="https://www.exploit-db.com/exploits/33520">ExploitDB Entry</a> I read a while ago. Many D-link routers have a great feature that allows remote management and configuration queries. Interestingly, this cannot be disabled, and one of the pages contains a cleartext version of the admin password (yay!).</p>
|
||||
|
||||
<h2 id="how-to-get-yourself-an-admin-password">How to get yourself an admin password</h2>
|
||||
<p>On any supported router, make an HTTP request to <code class="highlighter-rouge">http://your.router.ip.addr/tools_admin.asp/</code>. This will return a pretty large XML file containing information about your router’s hardware and configuration.</p>
|
||||
|
||||
<p>Notice the fact that you did not have to log in. This is due to the fact that this file seems to be used by a remote management service of some sort.</p>
|
||||
|
||||
<p>The important thing to note here is that, when parsed with the regex pattern: <code class="highlighter-rouge">name="user_password_tmp" value="(.*)"&gt;</code>, you get a single string. This string is the admin password of the device.</p>
|
||||
|
||||
<h2 id="supported-routers">Supported routers</h2>
|
||||
<p>This is supported by many D-link routers. The ones I know about are:</p>
|
||||
<ul>
|
||||
<li>DIR-835</li>
|
||||
<li>DIR-855L</li>
|
||||
<li>DGL-5500</li>
|
||||
</ul>
|
||||
|
||||
<p>Some routers have this XML file, but it is restricted… By a user without a password. These are:</p>
|
||||
<ul>
|
||||
<li>DHP-1565</li>
|
||||
<li>DIR-652</li>
|
||||
</ul>
|
||||
|
||||
<h2 id="pwnlink">PWNlink</h2>
|
||||
<p>Like everything I play with, I made a script to do this all for me (and spent a large amount of time adding colours to the text).</p>
|
||||
|
||||
<p>My script is called PWNlink (PWN + D-link), It automatically finds a router on your network by looking for a specific DNS entry created by many D-link routers, then checking your gateway. Next, PWNlink reads you router’s <code class="highlighter-rouge">hnap1</code> config to find it’s model number. If supported, the script will read and parse the appropriate configs to give you the admin credentials for your router.</p>
|
||||
|
||||
<p>PWNlink can be installed on any *nix computer that has both <code class="highlighter-rouge">python3.7</code> and <code class="highlighter-rouge">python3-pip</code> installed. To install PWNlink, run:</p>
|
||||
<div class="highlighter-rouge"><div class="highlight"><pre class="highlight"><code>pip3 install pwnlink
|
||||
</code></pre></div></div>
|
||||
|
||||
<p>Run the script without any arguments for automatic detection, or pass any IP address to use manual detection.</p>
|
||||
|
||||
<h2 id="disclamier-thingy">Disclamier thingy</h2>
|
||||
<p>I don’t see much point to these, but I should probably put one anyways.</p>
|
||||
|
||||
<p><strong>Don’t be dumb with this script.</strong></p>
|
||||
|
||||
<p>I have only used it on my own (or 5024’s) routers, and did not create PWNlink with any malicious intent.</p></content><author><name></name></author><category term="projects" /><summary type="html">I was playing around with some D-link routers today and remembered an ExploitDB Entry I read a while ago. Many D-link routers have a great feature that allows remote management and configuration queries. Interestingly, this cannot be disabled, and one of the pages contains a cleartext version of the admin password (yay!).</summary></entry></feed>
|
||||
<p>This program is hosted on a raspberry pi laying in my room running docker. I also have <a href="https://www.portainer.io/">Portainer</a> set up so I can easily monitor the bot from my phone over my VPN.</p></content><author><name></name></author><summary type="html">Over the past year and a half, I have been hacking my way around the undocumented devRant auth/write API. At the request of devRant’s creators, this API must not be documented due to the way logins work on the platform. That is besides the point. I have been working on a little project called devDNS over the past few days that uses this undocumented API. Why must I be so bad at writing intros?</summary></entry></feed>
|
||||
@ -88,7 +88,7 @@ https://blog.mrtnrdl.de/feed.xml
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -166,6 +166,9 @@ https://blog.mrtnrdl.de/feed.xml
|
||||
console.log('callback - particles.js config loaded');
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
@ -101,7 +101,7 @@
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -180,4 +180,7 @@
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
</body>
|
||||
@ -256,7 +256,7 @@
|
||||
<span class="site-info">
|
||||
Site design by: <a href="https://retrylife.ca">Evan Pratten</a> |
|
||||
|
||||
This site was last updated at: 2019-09-11 11:41:26 -0400
|
||||
This site was last updated at: 2019-09-11 17:12:28 -0400
|
||||
</span>
|
||||
</div>
|
||||
|
||||
@ -329,5 +329,8 @@
|
||||
});
|
||||
</script>
|
||||
|
||||
<!-- Twitter embeds -->
|
||||
<script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
|
||||
|
||||
|
||||
</body>
|
||||
BIN
assets/images/dll.png
Normal file
BIN
assets/images/dll.png
Normal file
Binary file not shown.
|
After 
(image error) Size: 10 KiB |
BIN
assets/images/dll2.png
Normal file
BIN
assets/images/dll2.png
Normal file
Binary file not shown.
|
After 
(image error) Size: 7.4 KiB |
Loading…
x
Reference in New Issue
Block a user