In cybersecurity and digital forensics field metadata of files is very important. We can get various information from metadata in files. This metadata may help us to get much more insider information while we are doing forensics testing. Also if we think about our privacy then metadata can harm our privacy in that case we can remove our metadata also.
In this detailed guide we are going to discuss about how we can read and remove metadata of any files using Kali Linux.To view and remove metadata on Kali Linux (or any other Linux), we need to install mat2 program. Mat2 (Metadata Anonymisation Toolkit 2) is a command-line metadata removal tool, supporting a wide range of commonly used file formats, written in python3. To install it on our system we need to apply following command on our Terminal:
In the following screenshot we can see that mat2 is installing on our system. It is not so large (under 25MB) package and the installation time will depends on our internet connection speed and system performance.
After the installation is finished we can check the help of mat2 by using following command:In the following screenshot we can see the help of mat2.
Now we can read the help options to know all the works of this tool. As we can see there is a -s flag, which can show us harmful metadata detectable by mat2 without removing them. Lets use it.
Mat2 can view and remove metadata from files so we need files to perform it. Here we have an downloaded image which contains metadata. We had saved the image on our Desktop (home/kali/Desktop/IMG_20201007_102037.jpg
).
To view it's metadata we can use following command:
In the following screenshot we can see the metadata of this image with various useful information:
Now if we want to remove these metadata this file we need to enter following command on our terminal:
In the following screenshot we can see that it is done.
Here the old files will remain unchanged, but new files will be created with the string .cleaned in the name and completely cleared metadata. As we can see in the following screenshot.
Now we can check if the there any metadata in the new cleaned file by using following command:
In the following screenshot we can see that the new file (.cleaned) did not contain any kind of metadata.
Total process of removing metadata |
This is how we can remove metadata of any file (not only images), if we need to clear metadata of all files in any particular folder then we can simply enter following command:
The above command will remove metadata from all files on our Desktop. If we want to clear metadata of files in other folders then we need put that directory with * . And it will create new .cleaned file for every old files, the .cleaned files will not contain any metadata.
This is all bout how we can clear or remove metadata from any files on our Kali Linux system.
Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.