Image File Hacking
Last modified: 2022-12-23
Repair Images
We need to edit the image header to repair the corrupted image to the correct format.
First check the header in hex.
xxd example.jpg | head
xxd example.png | head
JPG
To repair a JPG image , run the following command.
'\xff\xd8\xff\xe0\x00\x10\x4a\x46\x49\x46\x00\x01' means ‘. . . . . . JFIF . .’. It identifies JPG format.
# of=example.jpg: Write to file
# bs=N: Read and write up to N bytes at a time.
# conv=notrunc: Convert the file as per the comma separated symbol list. 'notrunc' means "Do not truncate the output file."
printf '\xff\xd8\xff\xe0\x00\x10\x4a\x46\x49\x46\x00\x01' | dd of=example.jpg bs=1 conv=notrunc
Confirm the header repaired.
xxd example.jpg | head
00000000: ffd8 ffe0 0010 4a46 4946 0001 0100 0001 ......JFIF......
00000010: 0001 0000 ffdb 0043 0003 0202 0302 0203 .......C........
00000020: 0303 0304 0303 0405 0805 0504 0405 0a07 ................
...
PNG
To repair a PNG image, run the following command.
'\x89\x50\x4E\x47' means ‘. PNG’. It identifies PNG format.
printf '\x89\x50\x4e\x47' | dd of=example.png bs=4 conv=notrunc
Confirm the header.
xxd example.png | head
00000000: 8950 4e47 0d0a 1a0a 0000 000d 4948 4452 .PNG........IHDR
00000010: 0000 0320 0000 0320 0806 0000 00db 7006 ... ... ......p.
00000020: 6800 0000 0173 5247 4200 aece 1ce9 0000 h....sRGB.......
...
