tweetable-polyglot-png
writeups
tweetable-polyglot-png | writeups | |
---|---|---|
11 | 8 | |
2,500 | 122 | |
- | 3.3% | |
0.0 | 6.8 | |
over 2 years ago | 26 days ago | |
Python | Python | |
MIT License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
tweetable-polyglot-png
-
Binary-to-text encoding optimised for Twitter and UTF-32
Makes me think of embedding an overlay filesystem / OS over twitter lol.
Similar: https://github.com/DavidBuchanan314/tweetable-polyglot-png
- Base 2048
- Pack up to 3MB of data into a tweetable PNG polyglot file
-
Anon has $1,000,000
Its a PNG that can also be executed as a Java program. You can create your on PNG's with data using: https://github.com/DavidBuchanan314/tweetable-polyglot-png
- 3MB of Data into a PNG
-
I found a software on Twitter that allows you to store up to 3MB into a PNG file. The source code is included.
This was made by David Buchanan on Twitter. He explains more in his Twitter post and on Github. It seems like a really cool idea to incorporate into a puzzle, so I figured you guys would like it.
- Show HN: Tweetable Polyglot PNG File
- tweetable - Pack up to 3MB of data into a tweetable PNG polyglot file.
- Show HN: Tweetable Polyglot PNGs: Pack a ~3MB Zip File into a Tweet
-
Security Researcher Hides ZIP, MP3 Files Inside PNG Files on Twitter
A security researcher has discovered a novel steganography technique for hiding data inside a Portable Network Graphics (.PNG) image file posted on Twitter, a tactic that could be exploited by threat actors to hide malicious activity. Researcher David Buchanan heralded his discovery on Twitter earlier this week, accompanied by a photo declaring: “Save this image and change the extension to .zip!” He made the source code for his method available in a ZIP/PNG file attached to the image as well as on a post on GitHub that explains his methodology.
writeups
- Question about ECDSA
-
Reduced Round AES CTR Attacks
See: https://github.com/p4-team/ctf/tree/master/2016-03-12-0ctf/peoples_square and also https://github.com/TFNS/writeups/tree/master/2020-06-05-DefenitCTF/spn (this one is not AES but some toy SPN, but the idea is exactly the same and maybe easier to understand)
-
Supersingular Isogeny Key Exchange in Python
Not exactly purely in Python because with sage and also the goal was breaking SIDH, but: https://github.com/TFNS/writeups/tree/master/2020-04-17-PlaidCTF/sidhe
-
What are some real-world security issues in cryptography?
I'm not even mentioning big stuff like https://research.nccgroup.com/2021/11/08/technical-advisory-arbitrary-signature-forgery-in-stark-bank-ecdsa-libraries/ which interestingly enough is actually a vulnerability very similar to what exists in Java since the dawn of time -> https://github.com/openjdk/jdk/blob/master/src/java.base/share/classes/sun/security/provider/DSA.java#L358 (see: https://github.com/TFNS/writeups/tree/master/2020-10-03-TastelessCTF/petition )
-
Technical Advisory – Arbitrary Signature Forgery in Stark Bank ECDSA Libraries
The same issue exists in Java JDK for quite a while (see: https://github.com/TFNS/writeups/tree/master/2020-10-03-TastelessCTF/petition ) ;) I suspect there are many more libraries with similar problem.
Seems like the same problem as exists in Java JDK in DSA -> https://github.com/TFNS/writeups/tree/master/2020-10-03-TastelessCTF/petition
-
How did this person manage to extract all the RSA prime numbers in this writeup?
Check my writeup https://github.com/TFNS/writeups/tree/master/2021-10-23-ASIS-quals/madras if you need to understand where this come from.
-
Using compromised algorithms.
See an example: https://github.com/TFNS/writeups/tree/master/2021-03-13-UTCTF/sleeves
What are some alternatives?
StegCracker - Steganography brute-force utility to uncover hidden data inside files
squarectf - The "code" for squarectf.com
steno - Embedded steno firmware + custom steno PCBs
svachal - Automate writeup for vulnerable machines.
sample-programs - Sample Programs in Every Programming Language
cryptofuzz - Fuzzing cryptographic libraries. Magic bug printer go brrrr.
python-chess - A chess library for Python, with move generation and validation, PGN parsing and writing, Polyglot opening book reading, Gaviota tablebase probing, Syzygy tablebase probing, and UCI/XBoard engine communication
HiddenWave - Hide Your Secret Message in any Wave Audio File.
SteganoGAN - SteganoGAN is a tool for creating steganographic images using adversarial training.
hackingtool - ALL IN ONE Hacking Tool For Hackers
MasquerBot - A TelegramBot for true paranoids.
SIKE-Python - A python implementation of Supersingular Isogeny Key Exchange (SIKE) using the optimized reference algorithms