image, encoded in the RSA modulus.
To extract the image, run:
Here's a valid SSL certificate containing a 1-up mushroom image, encoded in the RSA modulus.
To extract the image, run:
curl https://crt.sh/?d=348762047 | openssl x509 -modulus -noout | perl -p -e 's/^.+?=//; s/([0-9A-F]{2})/chr hex $1/ge' > img.png
The image is encoded in the modulus's most significant bits. The PNG specification allows for extra trailing bytes, so the remainder of the modulus is ignored when displaying the image. If you look closely, you can see the PNG header:
Here's another valid SSL certificate, this one contains 'SSL' in the RSA modulus:
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:13:1f:e4:7e:3a:b0:14:e1:81:df:2e:46:a4:01:b5:fb:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3
Validity
Not Before: Mar 5 19:28:46 2018 GMT
Not After : Jun 3 19:28:46 2018 GMT
Subject: CN=www.skip.org
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:fc:48:9a:d1:42:03:aa:23:27:e8:e9:5a:3c:e4:
63:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc:ac:
1c:cc:88:88:88:cc:88:88:88:cc:88:cc:cc:cc:12:
aa:cc:88:cc:cc:cc:88:cc:cc:cc:88:cc:cc:cc:5e:
93:cc:88:88:88:cc:88:88:88:cc:88:cc:cc:cc:df:
02:cc:cc:cc:88:cc:cc:cc:88:cc:88:cc:cc:cc:e4:
c7:cc:88:88:88:cc:88:88:88:cc:88:88:88:cc:65:
3b:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc:cc:e2:
ff:ff:ff:ff:ff:67:84:7d:b1:90:38:90:37:46:10:
97:70:a4:4d:90:24:c4:1d:8b:24:4e:32:1e:33:61:
4d:ad:2d:14:d7:a2:49:a5:fc:1a:07:a1:76:73:7e:
4a:10:e1:2b:2a:e3:f4:de:fc:0c:5d:38:81:fe:1a:
59:f1:47:de:53:36:fe:c2:0d:6d:96:5d:28:cb:45:
88:04:ee:0c:25:1a:07:73:32:c4:82:bb:5e:f7:6e:
f2:36:a3:4b:f3:64:4d:dd:aa:6b:12:92:96:e8:35:
ee:fd:5c:a1:14:77:44:1e:01:89:10:cd:24:77:70:
74:92:a0:52:94:a0:ba:78:2d:d4:9d:80:b8:b8:b5:
b0:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
30:EC:D8:0A:CB:98:9F:C6:A6:46:5D:29:C0:16:0D:9A:10:12:0C:9B
X509v3 Authority Key Identifier:
keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
Authority Information Access:
OCSP - URI:http://ocsp.int-x3.letsencrypt.org
CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
X509v3 Subject Alternative Name:
DNS:www.skip.org
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
Policy: 1.3.6.1.4.1.44947.1.1.1
CPS: http://cps.letsencrypt.org
User Notice:
Explicit Text: This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/
Signature Algorithm: sha256WithRSAEncryption
37:d7:29:d9:07:7e:68:5c:a9:e1:30:0f:19:52:5a:e1:51:24:
b3:37:c9:9c:07:d0:f9:0e:7f:08:06:d3:82:ee:dc:b5:de:7e:
13:32:8c:22:44:9b:1a:e3:e0:e5:75:62:66:c2:a1:6c:99:10:
df:97:db:59:ad:73:51:11:24:c7:9a:6a:78:18:0b:63:69:f0:
fd:6b:9c:a3:ab:ca:d8:c3:01:f1:e7:22:55:84:ff:d9:13:bd:
5a:fe:5f:d7:01:12:a5:38:08:ce:4b:bd:6e:b5:45:2c:18:56:
1d:4b:03:60:61:c0:18:56:d1:e1:e8:9a:26:51:21:09:39:22:
7a:ef:49:a8:77:4c:a4:08:2c:cc:ef:e3:bf:c7:59:5c:91:1d:
ec:1f:35:28:16:55:7d:1f:dc:0b:17:1b:97:0f:52:d9:75:e1:
f4:7b:91:6f:c6:41:2c:bf:49:95:67:a9:6c:86:e4:22:d7:28:
20:b0:ac:5a:0e:d9:5e:fb:c7:d2:6b:dd:ec:16:af:94:f3:9b:
e1:10:1d:7c:33:7b:e7:af:69:af:c6:f2:ea:88:3f:cd:cf:e3:
01:43:be:12:90:6e:92:bb:69:03:8a:59:87:87:82:1f:d0:fc:
95:23:94:b7:80:95:16:e4:a0:44:56:3a:23:ff:c0:0a:48:92:
c1:bd:42:4f
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgISAxMf5H46sBThgd8uRqQBtftxMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODAzMDUxOTI4NDZaFw0x
ODA2MDMxOTI4NDZaMBcxFTATBgNVBAMTDHd3dy5za2lwLm9yZzCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAPxImtFCA6ojJ+jpWjzkY8zMzMzMzMzMzMzM
zMysHMyIiIjMiIiIzIjMzMwSqsyIzMzMiMzMzIjMzMxek8yIiIjMiIiIzIjMzMzf
AszMzIjMzMyIzIjMzMzkx8yIiIjMiIiIzIiIiMxlO8zMzMzMzMzMzMzMzMzi////
//9nhH2xkDiQN0YQl3CkTZAkxB2LJE4yHjNhTa0tFNeiSaX8GgehdnN+ShDhKyrj
9N78DF04gf4aWfFH3lM2/sINbZZdKMtFiATuDCUaB3MyxIK7Xvdu8jajS/NkTd2q
axKSlug17v1coRR3RB4BiRDNJHdwdJKgUpSgungt1J2AuLi1sDkCAwEAAaOCAgww
ggIIMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
AwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUMOzYCsuYn8amRl0pwBYNmhASDJsw
HwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEEYzBh
MC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQub3Jn
MC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQub3Jn
LzAXBgNVHREEEDAOggx3d3cuc2tpcC5vcmcwgf4GA1UdIASB9jCB8zAIBgZngQwB
AgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxl
dHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENlcnRpZmljYXRl
IG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBhbmQg
b25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRlIFBvbGljeSBm
b3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzANBgkq
hkiG9w0BAQsFAAOCAQEAN9cp2Qd+aFyp4TAPGVJa4VEkszfJnAfQ+Q5/CAbTgu7c
td5+EzKMIkSbGuPg5XViZsKhbJkQ35fbWa1zUREkx5pqeBgLY2nw/Wuco6vK2MMB
8eciVYT/2RO9Wv5f1wESpTgIzku9brVFLBhWHUsDYGHAGFbR4eiaJlEhCTkieu9J
qHdMpAgszO/jv8dZXJEd7B81KBZVfR/cCxcblw9S2XXh9HuRb8ZBLL9JlWepbIbk
ItcoILCsWg7ZXvvH0mvd7BavlPOb4RAdfDN7569pr8by6og/zc/jAUO+EpBukrtp
A4pZh4eCH9D8lSOUt4CVFuSgRFY6I//ACkiSwb1CTw==
-----END CERTIFICATE-----