Extracting With pngdump.py

    Published: 2025-06-08. Last Updated: 2025-06-08 05:16:10 UTC
    by Didier Stevens (Version: 1)
    0 comment(s)

    Inspired by Xavier's diary entry "A PNG Image With an Embedded Gift", I updated my pngdump.py program to enable the extraction of chunks and extra data (similar to my other analysis tools, like pngdump.py).

    Here is the analysis of the trojanized PNG file Xavier discussed:

    Notice that this PNG file has 11 "items": 10 valid items (1 header and 9 chunks) and one invalid item: unexpected data after the terminating chunk (IEND).

    This can easily be selected with -s 11:

    That's the appended payload:

    Didier Stevens
    Senior handler
    blog.DidierStevens.com

    Keywords:
    0 comment(s)

    Wireshark 4.4.7 Released

    Published: 2025-06-08. Last Updated: 2025-06-08 05:15:25 UTC
    by Didier Stevens (Version: 1)
    0 comment(s)

    Wireshark release 4.4.7 fixes 1 vulnerability (CVE-2025-5601) and 8 bugs.

    Didier Stevens
    Senior handler
    blog.DidierStevens.com

    Keywords:
    0 comment(s)

      Comments

      Login here to join the discussion.


      Diary Archives