Ok, NSA, very very much ungrateful being at this level of computing, and special having no God damm effect over the "system" for the simplest reason, nobody here, understands shit about it! So, because we are here , in a very specific tribe...and I don't hv money for a cup of strawberries...check the next code

Gosto

ComentarPartilhar

Comentários

Elsa David NSA - National Security Agency the code is

Gerir

Gosto

 · Responder · 1 min

Elsa David A simple fun python script written to hide actual payload in image pixels and adding the loader to a PNG file.
wikijm/html_png_polyglot.py ( python)

# Simple script to have fun with PNG+HTML polyglot
# WARNING: This script is not optimised and just written for fun
#
# Author : Bharadwaj Machiraju
#
# Requirements: Pillow
#
# http://blog.tunnelshade.in/2015/06/stegosploit-fun.html

import re
import sys
import struct
import argparse
import binascii

parser = argparse.ArgumentParser(description='Do some simple magic with PNG and not all PNG files are supported')
parser.add_argument('-i', dest='inp', required=True, help='path of the input PNG file')
parser.add_argument('-p', dest='payload', required=True, help='path of a payload HTML file')
parser.add_argument('-o', dest='out', required=True, help='path for output polyglot')

args = parser.parse_args()

from PIL import Image

print("[*] Opening payload and converting to bit string")
payload = open(args.payload, 'r').read().encode('hex')
bin_payload = "".join('{:04b}'.format(int(c, 16)) for c in payload)

im = Image.open(args.inp).convert('RGBA')
pixels = im.load()
size = im.size[0]*im.size[1]

if len(bin_payload) > 3*size:
print("[*] Sorry, get a higher resolution image")
sys.exit()

def change_lsb():
index = 0
for j in range(0, im.size[1]):
for i in range(0, im.size[0]):
temp_list = list(pixels[i, j])
for k in [0, 1, 2]:
temp_list[k] = ((pixels[i, j][k] & ~(1)) | (int(bin_payload[index])))
index += 1
pixels[i, j] = tuple(temp_list)
if index == len(bin_payload): return

print("[*] Hiding data in LSB")
change_lsb()
print("[*] Saving intermediate PNG")
im.save("intermediate.png")

# Creating final PNG

print("[*] Opening intermediate png for adding loader")
hex_content = binascii.hexlify(open('intermediate.png', 'rb').read())
hex_array = [hex_content[i:i+2] for i in range(0, len(hex_content), 2)]
o = open(args.out, 'wb')

# PNG Header
print("[*] Writing PNG header")
o.write(binascii.unhexlify(''.join(hex_array[0:8])))

print("[*] Writing IHDR chunk")
ihdr_length = (4 + 4 + int(''.join(hex_array[8:12]), 16) + 4)
o.write(binascii.unhexlify(''.join(hex_array[8:8 + ihdr_length])))

loader = """

<!--
"""
print("[*] Minifying loader html")
loader = re.sub("\n[\s]*", '', loader)
loader = re.sub("[\s]*=[\s]*", '=', loader)
loader = re.sub("[\s]*}[\s]*", '}', loader)
llader = re.sub("[\s]*{[\s]*", '{', loader)

print("[*] Writing iTXt chunk containing loader")
itxt_content_length = struct.pack(">i", len(loader)).encode('hex')
itxt_content = 'iTXt'.encode('hex') + loader.encode('hex')
itxt_crc = struct.pack(">i", binascii.crc32(itxt_content)).encode('hex')
o.write(binascii.unhexlify(itxt_content_length + itxt_content + itxt_crc))

print("[*] Writing the remaining data")
o.write(binascii.unhexlify(''.join(hex_array[8 + ihdr_length:])))

o.close()Gerir

bharadwaj.machiraju

TUNNELSHADE.IN

Gosto

 · Responder · Eliminar pré-visualização · 1 min

Elsa David this was written for fun NSA - National Security Agency

Gerir

Gosto

 · Responder · 1 min

Elsa David and I'm reading the code for fun, too