Hello and welcome to the Thursday, March 23rd, 2023 edition of the Sansonet Storms Center's Stormcast.

My name is Johannes Ulrich and today I'm recording from Augusta, Georgia.

Still a lot of questions about, well, cropping tools that don't crop images, right?

Or at least leave some remainder of the original image behind.

We had last week this issue with the Android sniping tool.

And, well, yesterday I talked about the same problem with Windows 11.

DDA now took a little bit of closer look at this problem and how to identify affected images.

First of all, the Windows 10 Snipping tool is not an issue here because it can't open existing files,

and this problem only shows up if you are reducing or cropping existing files.

And the DDA's PNG dump tool always was able to actually identify data after the I-end chunk,

which usually marks the end of a PNG image.

This technique, aside from all these cropping issues, was useful because sometimes

miscreants are adding data like binaries and such at the end of images just sort of to

obfuscate their presence.

So that's why PNGD dump, I believe, originally had this feature.

Now, Did he did add a new option to this feature, dash F or find that will scan any file that you give it

and then basically report on known PNG chunks and also well on unexpected data.

The nice thing about this particular option is that now you can actually just send a bunch of

images to the tool and then basically have it report on what particular chunks it finds and if there was any

uninspected data. So this should make it relatively easy to scan larger numbers of files for any

problems. Probably not a bad idea to sort of look at some of the PNGs that you have sitting

around. And given that we had this in two different sniffing tools already,

...