{"id":19446875,"url":"https://github.com/trimscash/skiphead","last_synced_at":"2025-07-31T09:04:59.057Z","repository":{"id":225236998,"uuid":"765434053","full_name":"trimscash/skiphead","owner":"trimscash","description":"skiphead can separate files into n-byte sections, analyze them, and output them.","archived":false,"fork":false,"pushed_at":"2024-03-13T19:17:56.000Z","size":95,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-25T08:44:46.659Z","etag":null,"topics":["cli","ctf","forensics","steganography","tool"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"cc0-1.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/trimscash.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2024-02-29T22:57:35.000Z","updated_at":"2024-11-03T17:07:09.000Z","dependencies_parsed_at":"2024-03-13T20:36:18.191Z","dependency_job_id":null,"html_url":"https://github.com/trimscash/skiphead","commit_stats":null,"previous_names":["trimscash/skiphead"],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/trimscash/skiphead","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trimscash%2Fskiphead","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trimscash%2Fskiphead/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trimscash%2Fskiphead/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trimscash%2Fskiphead/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/trimscash","download_url":"https://codeload.github.com/trimscash/skiphead/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trimscash%2Fskiphead/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":268016308,"owners_count":24181651,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-31T02:00:08.723Z","response_time":66,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","ctf","forensics","steganography","tool"],"created_at":"2024-11-10T16:15:29.742Z","updated_at":"2025-07-31T09:04:58.956Z","avatar_url":"https://github.com/trimscash.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# skiphead\nForensic tool. Software that can separate files into n-byte sections, analyze them, and output them.\n\nUseful when files are hidden and inserted every n bytes.\n\nフォレンジックツール．ファイルをnバイトごとにskipして解析することができます．ファイルをnバイトごとに区切って解析し，出力できるソフト．\n\nnバイトごとに別のファイルが挿入されている場合に便利です．\n\n\n![image](https://github.com/trimscash/skiphead/assets/42578480/6e1f3be4-e066-4038-b2b0-a2a1b40e91ae)\n\n\nYou can search for file types by combining parameters.\n\nパラメータを組み合わせてファイルの種類を探索できます，\n\n![image](https://github.com/trimscash/skiphead/assets/42578480/f7fc47fa-433f-4851-ad3a-3d801326ae44)\n\n\n\n# Setup\n```\ngit clone https://github.com/trimscash/skiphead ~\ncd skiphead\ncargo build -r\necho \"export PATH=\\$PATH:\\$HOME/skiphead/target/release\" \u003e\u003e ~/.zshrc\nsource ~/.zshrc\n```\nand use it. \nReplace .zshrc with the one you are using\n\n# Usage\n```\nParse the header of the file skipped by n bytes and display the file type.\n skiphead can search for file types by combining parameters.\n Forensic app\n\nUsage: skiphead [OPTIONS] \u003cFILE\u003e\n\nArguments:\n  \u003cFILE\u003e\n\nOptions:\n  -s \u003cSKIP_NUMS\u003e...\n          Number of skips. Must be greater than 0 [default: 1 2 3] [short aliases: n]\n  -l \u003cPICK_LENGTH\u003e...\n          Length to pick up from that location. Must be greater than 0 [default: 0]\n  -o \u003cPICK_OFFSET\u003e...\n          Offset to start picking within that range. Must be greater than or equal to 0 [default: 0]\n  -f \u003cFILE_OFFSET\u003e\n          Offset to start parsing the entire file [default: 0]\n  -c, --combinate\n          Combinate param mode. default mode is one on one\n  -x, --export-file\n          Whether to output the file [aliases: output, export, output-file]\n  -z, --only\n          Only non bin file\n  -p, --print\n          Print head of buffer\n      --output-directory \u003cOUTPUT_DIRECTORY\u003e\n          Output directory path [default: ./skiphead_out]\n  -h, --help\n          Print help\n```\n\n# Example\n### picoCTF 2023 Invisible WORDs\n\nhttps://play.picoctf.org/practice/challenge/354\n\nこの問題を以下のwriteupを参考にしながら`skiphead`で解く．\n\nSolve this problem with `skiphead`, referring to the following writeup. \n\nhttps://digitaltravesia.jp/CTF/picoCTF2023/picoCTF_2023_Writeup.html\n\n\n![image](https://github.com/trimscash/skiphead/assets/42578480/6ba928fe-7b42-4c92-a294-1f4cfa8fdbd1)\n\n\nファイルオフセット`140 byte`から`4byte`ごとに`2byte`，別のファイルが挿入されている．\n\nEvery `4 bytes` from file offset `140 bytes` to `2 bytes`, another file is inserted. \n\nこれを`skiphead`でやると以下のコマンドでできる．\n\nThis can be done with `skiphead` by the following command. \n\n```\nskiphead output.bmp -f 140 -n 4 -l 2\n```\n\n![image](https://github.com/trimscash/skiphead/assets/42578480/69fe68d1-17ac-4343-b0ac-e320895b0c51)\n\nこのようにZIPヘッダであることがわかる．さらに，`--output`オプションをつけることで`./skiphead_out`にファイルを抽出することができる．\n\nAs you can see, it is a ZIP header. In addition, the `--output` option can be used to extract the file to `. /skiphead_out`. \n\n```\nskiphead output.bmp -f 140 -n 4 -l 2 --output \n```\n\n![image](https://github.com/trimscash/skiphead/assets/42578480/c422d393-f6f9-45d4-afd9-eb332af04e33)\n\nこれを以下のコマンドで展開し，`\"{\"`で文字列を抽出するとフラグが得られる．\n\nThis is expanded with the following command, and the flag is obtained by extracting the string with `\"{\"`. \n\n```\n7z e skip_4_pick_offset_0_pick_length_2_file_offset_140\n```\n\n![image](https://github.com/trimscash/skiphead/assets/42578480/a653fb11-76ec-43e7-9222-f290f22a037b)\n\n```\npicoCTF{w0rd_d4wg_y0u_f0und_5h3113ys_m4573rp13c3_a23dfbd4}\n```\n\n# todo\n- Contributions are welcome!\n- ほしい機能があればコントリビュータになってください！\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftrimscash%2Fskiphead","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftrimscash%2Fskiphead","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftrimscash%2Fskiphead/lists"}