Data Exfiltiration with Phone Cam and OCR

I want to show you the data exfiltration technique with base64 and cellphone cam, also you can use it with OCR. But OCR doesn’t convert image to text %100, you must fix encoded file. Imagine that, you found a file that contains passwords but you can’t your server, you can’t plug any USB device, etc. How can you steal this file? Simple. Let’s do it.

Our example file

You should convert this file to base64 encoded string:


[Convert]::ToBase64String([Text.Encoding]::Unicode.GetBytes($(cat .\passwords.txt)))

I captured string (with phone) and downloaded the captured image with the WhatsApp web.

Captured and Cropped

Converting the string with OCR (not %100)

We fixed the base64 file and we stolen passwords.

Thanks for your time and your interest.

Berk KIRAS – Cyber Security Consultant

2 thoughts on “Data Exfiltiration with Phone Cam and OCR

  1. graliontorile says:

    This web site is really a walk-through for all of the info you wanted about this and didn’t know who to ask. Glimpse here, and you’ll definitely discover it.

Comments are closed.