1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Someone just tweeted the entire works of Shakespeare with one tweet

By Cal Jeffrey · 9 replies
Nov 1, 2018
Post New Reply
  1. However, one researcher noticed that tweets would leave one form of metadata alone. So with a little coding ingenuity, David Buchanan was able to cram the entire works of Shakespeare into one tiny image and post it in a tweet.

    Buchanan told Motherboard that Twitter does not touch a particular type of image metadata called ICC.

    “So basically, I wrote a script which parses a JPG file and inserts a big blob of ICC metadata,” Buchanan said. “The metadata is carefully crafted so that all the required ZIP headers are in the right place.”

    He noted that the process is not perfect and requires a lot of “fiddling.” It took him two hours to get all the compressed data into the image that is, appropriately, a low-res portrait of Shakespeare that says, “Unzip Me.”

    "I tried reporting this techinque to twitter's bug bounty program, but it's #notabug."

    Buchanan said he got the idea while he was trying to see how much raw data he could stuff into one tweet.

    “A while later I had the idea to embed a ZIP file,” he said

    After finding the tweet had successfully posted, Buchanan replied with instructions on how to extract the data. Followers were able to confirm that the files are all intact and contain the works as found in Project Gutenberg.

    He acknowledges that the technique presents an opportunity for bad actors to distribute malware, but says this use case has already been employed, just with smaller packages.
    “[Malware distribution] already has been possible via more ‘traditional’ steganography techniques, but this method allows you to pack in way more data.”

    Buchanan said that he tried to collect a bug bounty from Twitter for the exploit, but was denied. Twitter told him it was not a bug. “Fair enough, but that just means we can have some fun with it,” he tweeted.

    Steganography has also been used to secretly pass messages over social media. A browser extension called "Secretbook" allows users to embed a 140-character message with a password into an image and upload it to Facebook. Only those with the password can extract the message.

    Permalink to story.

  2. GreenArrow

    GreenArrow TS Enthusiast Posts: 65   +47

    Sweet if its not a bug its a fetcher. hence tweeter can be the next cloud storage platform.
    Versutus, Reehahs and Godel like this.
  3. qking

    qking TS Booster Posts: 53   +31

    Just wow.
    GirlDownunder likes this.
  4. Evernessince

    Evernessince TS Evangelist Posts: 3,902   +3,346

    He might as well write a program that let's people attach huge amounts of data to their tweets. Maybe then they will consider it a bug.

    Metadata has been exploited in the past. There is a known PHP exploit that can execute code secretly stored in image metadata. For example, a smart hacker can send a tweet with an image and hidden PHP code. The PHP code would run and execute the much larger hidden payload within the image.

    Anyone who loads that tweet would be infected. Of course this is all assuming that you can slip PHP code somewhere but I'm sure it's possible.
  5. Reachable

    Reachable TS Evangelist Posts: 369   +183

    Though this be madness, yet there is method in't.
    Cal Jeffrey, BobHome and woofer like this.
  6. woofer

    woofer TS Enthusiast Posts: 42   +7

    Getting checksum errors when trying to extract rar files from renamed zip with Archive Manager on Linux Mint 18.3. Any suggestions?
  7. Qrash

    Qrash TS Rookie

    I used 7-zip in Windows to extract 31 rar files (30 x 63KB, 1 x 3KB). This produced a warning about "data after the end of the payload data" and "the archive is open with offset", but the 31 rar seem fine. Next, I used 7-zip to extract the first rar file which resulted in a single 6,869 KB HTML file. The first rar file refers to the next rar file and so on.
  8. woofer

    woofer TS Enthusiast Posts: 42   +7

    Actually, I got a clue from the Archive Manager error messages when attempting to open an extracted html file from its rar file:

    Cannot find volume ~/Downloads/shakespeare.part002.rar
    shakespeare.html - checksum error

    Each one looks for the next one, so I realized I had to extract all into the same directory. Once I did that, it worked fine, and opened a web browser with all the works "strung together".

    Devious! ;-}
    Cal Jeffrey likes this.
  9. Plutoisaplanet

    Plutoisaplanet TS Booster Posts: 92   +71

    I've seen a webpage also function as an image before. The page embedded a link to itself as an image and it worked great! Inspect the source here: http://lcamtuf.coredump.cx/squirrel/
  10. GirlDownunder

    GirlDownunder TS Booster Posts: 104   +33

    Glad to see independent thought, ingenuity, and imagination is still alive and well in our current state of "what-the-h*ll-happened" society.
    Cal Jeffrey likes this.

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...