Sunday, August 9, 2009

Metadata extraction

Metadata analysis is not new. This topic was revisited at the recent Defcon. Chema Alonso and Jose Palazon presented a tool called FOCA.
I decided to give it a whirl. Performed metadata extraction against PDF files hosted on Splunk's website. Besides names of Splunk employees, nothing else interesting to discover.

Tested FOCA against the Central Narcotics Bureau's website. Shocker!!! Besides usernames used by CNB, I was able to acquire I/C numbers. I classify this leakage as a high risk considering that the government standardised citizens' login IDs by requiring them to use their respective I/C numbers to access all government websites.

Don't want to install the FOCA software on your machine? You can opt for the online version.

No comments:

Post a Comment