Public File Metadata Analysis - Tradecraft Security Weekly #1
05/18/17 • 11 min
Public File Metadata Analysis with PowerMeta - It is very common for organizations to post files (docx, pdf, xlsx, etc.) to publicly available websites on the Internet. Often times these organizations have not taken the time to strip the metadata attached to these files. This leaves the potential for remote attackers to discover sensitive information from them including usernames, software used to create them, or system names. In this episode Beau demonstrates a PowerShell tool called PowerMeta that can be used to discover these files on a target site and extract the metadata from them.
PowerMeta: https://github.com/dafthack/PowerMeta
Strip Word Docs of Metadata: https://support.office.com/en-us/article/Remove-hidden-data-and-personal-information-by-inspecting-documents-356b7b5d-77af-44fe-a07f-9aa4d085966f
Strip PDFs of Metadata: https://blog.joshlemon.com.au/protecting-your-pdf-files-and-metadata/
Strip Photos of Metadata: http://www.makeuseof.com/tag/3-ways-to-remove-exif-metadata-from-photos-and-why-you-might-want-to/
Public File Metadata Analysis with PowerMeta - It is very common for organizations to post files (docx, pdf, xlsx, etc.) to publicly available websites on the Internet. Often times these organizations have not taken the time to strip the metadata attached to these files. This leaves the potential for remote attackers to discover sensitive information from them including usernames, software used to create them, or system names. In this episode Beau demonstrates a PowerShell tool called PowerMeta that can be used to discover these files on a target site and extract the metadata from them.
PowerMeta: https://github.com/dafthack/PowerMeta
Strip Word Docs of Metadata: https://support.office.com/en-us/article/Remove-hidden-data-and-personal-information-by-inspecting-documents-356b7b5d-77af-44fe-a07f-9aa4d085966f
Strip PDFs of Metadata: https://blog.joshlemon.com.au/protecting-your-pdf-files-and-metadata/
Strip Photos of Metadata: http://www.makeuseof.com/tag/3-ways-to-remove-exif-metadata-from-photos-and-why-you-might-want-to/
Next Episode
Attacking Exchange/OWA to Gain Access to AD Accounts - Tradecraft Security Weekly #3
Microsoft Exchange and Office365 are extremely popular products that organizations use for enterprise email. These services can be exploited by remote attackers to potentially gain access to Active Directory user credentials. In this Tradecraft Security Weekly episode Beau Bullock (@dafthack) demonstrates how to utilize MailSniper to enumerate internal domains, enumerate usernames, perform password spraying attacks, and get the global address list from Exchange and Office365 portals.
Links: MailSniper - https://github.com/dafthack/MailSniper
If you like this episode you’ll love
Episode Comments
Generate a badge
Get a badge for your website that links back to this episode
<a href="https://goodpods.com/podcasts/tradecraft-security-weekly-audio-309913/public-file-metadata-analysis-tradecraft-security-weekly-1-44711532"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to public file metadata analysis - tradecraft security weekly #1 on goodpods" style="width: 225px" /> </a>
Copy