lsb steg

.gitattributes

@@ -0,0 +1 @@
+*.png filter=lfs diff=lfs merge=lfs -text

.gitignore

@@ -0,0 +1,2 @@
+__pycache__
+gradio_cached_examples

.vscode/settings.json

@@ -0,0 +1,3 @@
+{
+    "python.formatting.provider": "black"
+}

LICENCE

@@ -0,0 +1,17 @@
+Copyright © 2017, Robin David - MIT-Licensed
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
+documentation files (the "Software"), to deal in the Software without restriction, including without limitation
+the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and
+to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+The Software is provided "as is", without warranty of any kind, express or implied, including but not limited
+to the warranties of merchantability, fitness for a particular purpose and noninfringement. In no event shall
+the authors or copyright holders X be liable for any claim, damages or other liability, whether in an action
+of contract, tort or otherwise, arising from, out of or in connection with the software or the use or other
+dealings in the Software.
+
+Except as contained in this notice, the name of the Robin David shall not be used in advertising or otherwise
+to promote the sale, use or other dealings in this Software without prior written authorization from the Robin David.

LSBSteg.py

@@ -0,0 +1,198 @@
+#!/usr/bin/env python
+# coding:UTF-8
+"""LSBSteg.py
+
+Usage:
+  LSBSteg.py encode -i <input> -o <output> -f <file>
+  LSBSteg.py decode -i <input> -o <output>
+
+Options:
+  -h, --help                Show this help
+  --version                 Show the version
+  -f,--file=<file>          File to hide
+  -i,--in=<input>           Input image (carrier)
+  -o,--out=<output>         Output image (or extracted file)
+"""
+
+import cv2
+import docopt
+import numpy as np
+
+channel_order = (2, 1, 0, 3)
+
+class SteganographyException(Exception):
+    pass
+
+
+class LSBSteg():
+    def __init__(self, im):
+        self.image = im
+        self.height, self.width, self.nbchannels = im.shape
+        self.size = self.width * self.height
+        
+        self.maskONEValues = [1,2,4,8,16,32,64,128]
+        #Mask used to put one ex:1->00000001, 2->00000010 .. associated with OR bitwise
+        self.maskONE = self.maskONEValues.pop(0) #Will be used to do bitwise operations
+        
+        self.maskZEROValues = [254,253,251,247,239,223,191,127]
+        #Mak used to put zero ex:254->11111110, 253->11111101 .. associated with AND bitwise
+        self.maskZERO = self.maskZEROValues.pop(0)
+        
+        self.curwidth = 0  # Current width position
+        self.curheight = 0 # Current height position
+        self.curchan = 0   # Current channel position
+
+    def put_binary_value(self, bits): #Put the bits in the image
+        for c in bits:
+            val = list(self.image[self.curheight,self.curwidth]) #Get the pixel value as a list
+            if int(c) == 1:
+                val[self.curchan] = int(val[self.curchan]) | self.maskONE #OR with maskONE
+            else:
+                val[self.curchan] = int(val[self.curchan]) & self.maskZERO #AND with maskZERO
+                
+            self.image[self.curheight,self.curwidth] = tuple(val)
+            self.next_slot() #Move "cursor" to the next space
+        
+    def next_slot(self):#Move to the next slot were information can be taken or put
+        if self.curchan == self.nbchannels-1: #Next Space is the following channel
+            self.curchan = 0
+            if self.curwidth == self.width-1: #Or the first channel of the next pixel of the same line
+                self.curwidth = 0
+                if self.curheight == self.height-1:#Or the first channel of the first pixel of the next line
+                    self.curheight = 0
+                    if self.maskONE == 128: #Mask 1000000, so the last mask
+                        raise SteganographyException("No available slot remaining (image filled)")
+                    else: #Or instead of using the first bit start using the second and so on..
+                        self.maskONE = self.maskONEValues.pop(0)
+                        self.maskZERO = self.maskZEROValues.pop(0)
+                else:
+                    self.curheight +=1
+            else:
+                self.curwidth +=1
+        else:
+            self.curchan +=1
+
+    def read_bit(self): #Read a single bit int the image
+        val = self.image[self.curheight,self.curwidth,channel_order[self.curchan]]
+        val = int(val) & self.maskONE
+        self.next_slot()
+        if val > 0:
+            return "1"
+        else:
+            return "0"
+    
+    def read_byte(self):
+        return self.read_bits(8)
+    
+    def read_bits(self, nb): #Read the given number of bits
+        bits = ""
+        for i in range(nb):
+            bits += self.read_bit()
+        return bits
+
+    def byteValue(self, val):
+        return self.binary_value(val, 8)
+        
+    def binary_value(self, val, bitsize): #Return the binary value of an int as a byte
+        binval = bin(val)[2:]
+        if len(binval) > bitsize:
+            raise SteganographyException("binary value larger than the expected size")
+        while len(binval) < bitsize:
+            binval = "0"+binval
+        return binval
+
+    def encode_text(self, txt):
+        l = len(txt)
+        binl = self.binary_value(l, 16) #Length coded on 2 bytes so the text size can be up to 65536 bytes long
+        self.put_binary_value(binl) #Put text length coded on 4 bytes
+        for char in txt: #And put all the chars
+            c = ord(char)
+            self.put_binary_value(self.byteValue(c))
+        return self.image
+       
+    def decode_text(self):
+        ls = self.read_bits(16) #Read the text size in bytes
+        l = int(ls,2)
+        i = 0
+        unhideTxt = ""
+        while i < l: #Read all bytes of the text
+            tmp = self.read_byte() #So one byte
+            i += 1
+            unhideTxt += chr(int(tmp,2)) #Every chars concatenated to str
+        return unhideTxt
+
+    def encode_image(self, imtohide):
+        w = imtohide.width
+        h = imtohide.height
+        if self.width*self.height*self.nbchannels < w*h*imtohide.channels:
+            raise SteganographyException("Carrier image not big enough to hold all the datas to steganography")
+        binw = self.binary_value(w, 16) #Width coded on to byte so width up to 65536
+        binh = self.binary_value(h, 16)
+        self.put_binary_value(binw) #Put width
+        self.put_binary_value(binh) #Put height
+        for h in range(imtohide.height): #Iterate the hole image to put every pixel values
+            for w in range(imtohide.width):
+                for chan in range(imtohide.channels):
+                    val = imtohide[h,w][chan]
+                    self.put_binary_value(self.byteValue(int(val)))
+        return self.image
+
+                    
+    def decode_image(self):
+        width = int(self.read_bits(16),2) #Read 16bits and convert it in int
+        height = int(self.read_bits(16),2)
+        unhideimg = np.zeros((width,height, 3), np.uint8) #Create an image in which we will put all the pixels read
+        for h in range(height):
+            for w in range(width):
+                for chan in range(unhideimg.channels):
+                    val = list(unhideimg[h,w])
+                    val[chan] = int(self.read_byte(),2) #Read the value
+                    unhideimg[h,w] = tuple(val)
+        return unhideimg
+    
+    def encode_binary(self, data):
+        l = len(data)
+        if self.width*self.height*self.nbchannels < l+64:
+            raise SteganographyException("Carrier image not big enough to hold all the datas to steganography")
+        self.put_binary_value(self.binary_value(l, 64))
+        for byte in data:
+            byte = byte if isinstance(byte, int) else ord(byte) # Compat py2/py3
+            self.put_binary_value(self.byteValue(byte))
+        return self.image
+
+    def decode_binary(self):
+        l = int(self.read_bits(64), 2)
+        output = b""
+        for i in range(l):
+            output += bytearray([int(self.read_byte(),2)])
+        return output
+
+
+def main():
+    args = docopt.docopt(__doc__, version="0.2")
+    in_f = args["--in"]
+    out_f = args["--out"]
+    in_img = cv2.imread(in_f, cv2.IMREAD_UNCHANGED)
+    steg = LSBSteg(in_img)
+    lossy_formats = ["jpeg", "jpg"]
+
+    if args['encode']:
+        #Handling lossy format
+        out_f, out_ext = out_f.split(".")
+        if out_ext in lossy_formats:
+            out_f = out_f + ".png"
+            print("Output file changed to ", out_f)
+
+        data = open(args["--file"], "rb").read()
+        res = steg.encode_binary(data)
+        cv2.imwrite(out_f, res)
+
+    elif args["decode"]:
+        raw = steg.decode_binary()
+        with open(out_f, "wb") as f:
+            f.write(raw)
+
+
+if __name__=="__main__":
+    main()
+

README.md

@@ -0,0 +1,14 @@
+---
+title: Non-suspicious image decoder
+emoji: 🥳
+colorFrom: red
+colorTo: yellow
+sdk: gradio
+sdk_version: "3.13.2"
+app_file: app.py
+pinned: false
+---
+
+
+# Non Suspicious Image Decoder
+Recover pandas dataframe hidden in image

app.py

@@ -0,0 +1,89 @@
+import gradio as gr
+import cv2
+import io
+import pandas as pd
+
+from LSBSteg import LSBSteg
+
+
+def convert(file):
+    print(f"Converting file {file}")
+    in_img = cv2.imread(file, cv2.IMREAD_UNCHANGED)
+    lsbsteg = LSBSteg(in_img)
+    data = lsbsteg.decode_binary()
+    bytes = io.BytesIO(data)
+    dataframe = pd.read_parquet(bytes)
+
+    # dataframe.to_csv('output.csv')
+    return dataframe
+
+
+with gr.Blocks() as demo:
+    gr.Markdown("""
+        ## Non-Suspicious image decoder
+
+        This tool shows the extraction a dataframe hidden inside an image.
+
+        There are a few ways to hide data into a PNG file, notably:
+         * adding it after the end of the file (after the PNG IEND chunk), so that it gets
+           ignored by image viewers
+         * adding it as comments in the PNG file (tEXt chunks)
+
+        These methods are kind of easy to spot! Also, a lot of software, browsers, image upload
+         websites etc often just strip them.
+
+        So, here, we have a different, more thoughtful (and arguably cooler) method.
+
+        This class hides the data using a basic kind of **[steganography](https://en.wikipedia.org/wiki/Steganography)**:
+         it hides it in the
+         *least significant bits* of the raw (uncompressed) picture: tiny differences in the red, green and blue
+         channel of the image encodes the data we're interested in.
+
+        This means the resulting picture
+         looks **very close to the original image**; and for the data we hide here, it is **inperceptible
+         to the naked eye**.
+
+        The resulting PNG file will probably get a little bit bigger as a result, since PNG uses compression,
+         which will have a harder time when we have our stolen data injected into the image. This is
+         not that much of a problem since it stays <100Ko, so it's not that noticeable.
+
+        """)
+    with gr.Row():
+        im = gr.Image(label="Input image file", type="filepath")
+
+        def preprocess(encoding: str) -> str:
+            # We do our own preprocessing because gradio's deletes PNG metadata :(
+            import tempfile
+            import base64
+
+            content = encoding.split(";")[1]
+            image_encoded = content.split(",")[1]
+            png_content = base64.b64decode(image_encoded)
+            file_obj = tempfile.NamedTemporaryFile(
+                delete=False,
+                suffix=".input.png",
+            )
+            file_obj.write(png_content)
+            return file_obj.name
+
+        im.preprocess = preprocess
+        df_out = gr.Dataframe(
+            label="Output dataframe", max_rows=20, overflow_row_behaviour="paginate"
+        )
+        # file_out = gr.File(label="Full output CSV file")
+    btn = gr.Button(value="Extract")
+    gr.Markdown("Click on the example below to get the data from the associated colab notebook :)")
+    gr.Examples(
+        examples=["sample-picture.png"],
+        inputs=[im],
+        outputs=[df_out],
+        fn=convert,
+        cache_examples=True,
+    )
+    # demo = gr.Interface(convert, im, im_2)
+    btn.click(convert, inputs=[im], outputs=[df_out])
+
+    # example_img = os.path.join(os.path.dirname(__file__), "example-picture.png")
+
+if __name__ == "__main__":
+    demo.launch()

requirements.txt

@@ -0,0 +1,3 @@
+opencv-python
+docopt
+numpy