11.2 Pictures

00:03

Hello. I will come back to the course East morning, Your Honor, I think some key five types that you probably will find one performing aphoristic analyses

00:13

in this lab. We're going to analyze our pictures, exist data or metal area with access to an application for reading. Writing on Ellery Met information in a wide variety of fice

00:26

exit stands for exchangeable image file for months in stores The camera settings used to create the picture on the time and date it was created.

00:35

You will live a Windows operating system environment with grocer, tool of the tool.

00:41

A secret program. Such a sow. Seeds we'll see or were are. And you will also need a picture files to analyze.

00:49

Okay, First, we open our bro. Sir,

00:54

I haven't hear a Google chrome on a Windows 10 environment, but feel free to use the grocer of your choice.

01:00

There's four exits tool.

01:03

You can go directly to the website. You think the link here this night

01:07

don't know the Willis a curable save it. Actually beating your computer

01:12

drag under off the picture file into replication cycle.

01:17

Some anti virus so far has been took off problems for the windows pressure off exits tool.

01:23

They may delete the tool when it is Rome or slow down the luncheon or block it from writing fais. The Tools website states that just due to the way that as if to for Windows works, Eats unpacks, executed all files into a temporary directory

01:42

on runs from there,

01:44

which apparently may be seen as a threat by anti viral. So far

01:49

a workaround is too large as these two to the exclusion least off the antivirus software.

01:56

Okay, after drugging and groping the big to fire into application, a common shell window will appear with the excess data.

02:04

You can press return to close this window

02:07

now. First application name from exit stool parenthesis dash kay

02:14

for And this is that XY two exits stool parenthesis Dash Kay does a dust you. Does he want Dash W,

02:25

the XTC Prentice's Start XY. This will safety out to a text file

02:32

again drug under up the picture filed into application. I could now with a different name,

02:39

check the next five created in the same folder.

02:44

Open it a note. What is Defies modification access on creation date on time.

02:51

Next, let's ask for the last question. What can we for if the size often image is extremely larger than it is supposed to be?

03:00

Here we have two similar pictures. The sites often much file then, is directly related to a number of pictures under granularity off the cooler definition. So if anonymous is extremely larger than the other, it may be hiding something inside. It can be a virus,

03:19

my work or in a local station file

03:21

with reveal heavy.

03:23

We will see this type of techniques on how to get this here. Information. If there is any in the sterile or a funeral,

03:31

there are online, does us well, So if you don't want to download anything to your computer, you can check the sights on upload your picture for all my life in there exists data.