def test_hide_lsb_command_line():
with tempfile.TemporaryDirectory() as tmpdirname:
new_steg_file = os.path.join(tmpdirname, 'new_steg.png')
original_file = os.path.join(SCRIPTDIR, 'images', 'owl_nosteg.jpg')
hidden_message = 'This is my hidden LSB message!'
# Create the hidden message
subprocess.check_output([
'stegoveritas_hide_lsb', '-bands', 'R', '-output', new_steg_file,
original_file, hidden_message
])
# Find the hidden message
args = [new_steg_file, '-out', tmpdirname, '-extractLSB', '-red', '0']
veritas = stegoveritas.StegoVeritas(args=args)
veritas.run()
_, _, files = next(os.walk(veritas.results_directory))
found = False
for f in files:
with open(os.path.join(veritas.results_directory, f), 'rb') as f:
if hidden_message.encode() in f.read():
found = True
break
assert found == True
def test_filters_general():
# Just enumerating an expected run for now
expected_hashes = [
'135b0a8c0dc2e770419675657b7cb02077d8cc1c28e108d778d17679c5058873',
'b403509bb2cde5e1b1e12430e07748479aeb6fd7d138365025bc2045c0dcc1f6',
'a8646064368becf884c7b4f2eb415222a07b8986564ec85588b91eb2b581f284',
'8573391d1e120c5019f65179de4ba151726e318b576005849ed38c20cf1e0b9a',
'72eebe8abaa3b71dd5c5beef0ee45990d56035de557fff54eb7938f1d962bb4c',
'99fdc34851cee61dc241176609ece8ef3cb275fc12d704fa28b78aa3532eecb9',
'c35aa2a15d7dbb4d0babc40010c7ee90095e7a19fb9701845207f0cdb7d444ac',
'c586a04084a5d311cf9947138b765b40f91e2f62c09f8fb71ab62e31abc08812',
'cdcb907bebdb380e78bde7124395b2a0baca70f059efdc194a9682cdef4a9ca5',
'a654192cd53ffd001c1fbf212d0397fa035b704b0bd88cfd2cac0609a46992ca',
'7ca76b39e0677cda05f3b763c0f5413d394a2a263444dc203a1bfec24a1c7ee3',
'35deb8274ff3795275e687848cb8608a8c6aae04d2ed3b10e75c7b956ce0dce2',
'4810712f350d70db6a790c94ef26f52ad3ee8a54ec9a7094b0d5b1ce10f2112a',
'fc505985fe2290a2b4aedad4267e10a54a69727ad2238581f22c76d414732cfd',
'84d829c3a27c7b86331029b0ccfd3a744a258f956f8b3420345963d451a32128',
'd00aadadd2f8d6b66c114e1cb393ac6bcb029bbb9d8ca59b9e00c65b48a81cb7',
'7c636d0ce2db36ecfea92fadb4cf678e5226de47c222c25d20640b7496da876f',
'30d6055cc8585a1e99d24c14adf0b4901623d2c9c32d9941eceb6272a0f232c1',
'87a065c6d1f4cf5f7e1c39081f291c9dfcc615685169d6dc24056a320603acec',
'ca30249c54febb404d1b9a17fb5dbdb513f1caf66d0ee2265c66b6004f0f78e3',
'16c4822cbcacc29ff4e3f16d6914eb0bb545f2a9b0d990eaed1d52a97452701f',
'3551bcdb88a63d5d9dd78c649ff4358fb7bd60a1f8a217f81e0f88b6e2082238',
'2fd60df6285a8cd850f2e302ea8486bfbd0560aed7bc02270ce2e5cf5b7beb1a',
'3147f3466659f909c30d9691cbed79e0aa93ba7f31cc3de074e3e2c07d7299e8',
'e3059a40e602dff9f4f69c8ce7feb0361f1955a5e9b8fc0fad5d8b9f95ad2281',
'6fa524057dca871f1cd21e2ea0eefe483ce2757165a133c8306b74a893f32ea9',
'77ba4e421659b6b63914322d46b09c9b6ee23f51edcfb5d8896908e2d49fc297',
'8f8bf6afafe5f910cc025657055cf4846550b0c9da4ac9c2331c5e34643a0103',
'3da5482c874a55612b076ada6838eadf43308b3a5c9b4655c3714a695398e991',
'8e2cca5767003620e98041c85e015a922fce507186f3177ab7e29eabf0c96e85',
'33782a4ea7b516d4be6084bba99974cdc01651a0e0dde47bae7e19b94c113fcd',
'1d089027b26bf06f76a013fcdc5adae48c71c3e1dd76c1d010771586a87d9347',
'1b218642c748f26c4ff7e9993bb8e33ccda1d5cff6cc4c8a5182e3074ea2a146',
'96b968a62142498d41288100d93e6090b85cc85d0bb61373399130293137ac31',
'6964ad9716775db61dc74133646cc7426196266bd069fd7da72dbbf31e045838',
'6a1f326e969c759799186c01d25d4785cff8fde900728df54f7aab8db5b9dc13',
'4ce36f55619b1158b4d46cb0f5b3a3ca7d36b8ffd58b96ee02f3745e0285bcc7',
'503064845994c887becb0c77bd0acddc12a4bcfa946ae6069e6766c7845d6675'
]
with tempfile.TemporaryDirectory() as tmpdirname:
args = [
os.path.join(SCRIPTDIR, 'owl_nosteg.jpg'), '-out', tmpdirname,
'-imageTransform'
]
veritas = stegoveritas.StegoVeritas(args=args)
veritas.run()
_, _, files = next(os.walk(tmpdirname))
for f in files:
assert SVImage.hash_file(os.path.join(tmpdirname,
f)) in expected_hashes
def test_meta_exif():
with tempfile.TemporaryDirectory() as tmpdirname:
args = [
os.path.join(SCRIPTDIR, 'owl_exif1.jpg'), '-out', tmpdirname,
'-exif'
]
veritas = stegoveritas.StegoVeritas(args=args)
veritas.run()
with open(os.path.join(tmpdirname, "exif", "description"), "rb") as f:
assert b"Alabama defensive back Xavier McKinney" in f.read()
"""
def test_steghide_wrong_password():
with tempfile.TemporaryDirectory() as tmpdirname:
args = [
os.path.join(SCRIPTDIR, 'owl_steghide_password.jpg'), '-out',
tmpdirname, '-steghide', '-password', 'ThisIsNotThePassword'
]
veritas = stegoveritas.StegoVeritas(args=args)
veritas.run()
hidden = glob(os.path.join(tmpdirname, 'steghide_*.bin'))
assert len(hidden) == 0
def test_extract_green_0_lrtb():
with tempfile.TemporaryDirectory() as tmpdirname:
args = [
os.path.join(SCRIPTDIR, 'lsb_green_0.png'), '-out', tmpdirname,
'-extractLSB', '-green', '0'
]
veritas = stegoveritas.StegoVeritas(args=args)
veritas.run()
# Verify we're expecting that
with open(os.path.join(tmpdirname, 'LSBExtracted.bin'), 'rb') as f:
assert hashlib.md5(
f.read()).hexdigest() == '592568cbbe556bb24a93c976df0621ec'
def test_extract_rgb_0_lrtb():
with tempfile.TemporaryDirectory() as tmpdirname:
args = [
os.path.join(SCRIPTDIR, 'lsb_rgb_0.png'), '-out', tmpdirname,
'-extractLSB', '-red', '0', '-green', '0', '-blue', '0'
]
veritas = stegoveritas.StegoVeritas(args=args)
veritas.run()
# Verify we're expecting that
with open(os.path.join(tmpdirname, 'LSBExtracted.bin'), 'rb') as f:
assert hashlib.md5(
f.read()).hexdigest() == '7cd0b50baaf727f4c6ad7565ab55a2e0'
def test_extract_blue_0_lrtb():
with tempfile.TemporaryDirectory() as tmpdirname:
args = [
os.path.join(SCRIPTDIR, 'lsb_blue_0.png'), '-out', tmpdirname,
'-extractLSB', '-blue', '0'
]
veritas = stegoveritas.StegoVeritas(args=args)
veritas.run()
# Verify we're expecting that
with open(os.path.join(tmpdirname, 'LSBExtracted.bin'), 'rb') as f:
assert hashlib.md5(
f.read()).hexdigest() == '5626b080f13e0b8618da1aed934ab33c'
def test_extract_red_0_lrtb():
with tempfile.TemporaryDirectory() as tmpdirname:
args = [
os.path.join(SCRIPTDIR, 'lsb_red_0.png'), '-out', tmpdirname,
'-extractLSB', '-red', '0'
]
veritas = stegoveritas.StegoVeritas(args=args)
veritas.run()
# Verify we're expecting that
with open(os.path.join(tmpdirname, 'LSBExtracted.bin'), 'rb') as f:
assert hashlib.md5(
f.read()).hexdigest() == '20ba8aa2da066e371747502079991071'
def test_carve_zip_from_elf():
with tempfile.TemporaryDirectory() as tmpdirname:
args = [os.path.join(SCRIPTDIR, 'bin_with_zip_inside'), '-out', tmpdirname, '-carve']
veritas = stegoveritas.StegoVeritas(args=args)
veritas.run()
_, _, files = next(os.walk(veritas._keeper_directory))
found = False
for f in files:
with open(os.path.join(veritas._keeper_directory, f),'rb') as f:
if hashlib.md5(f.read()).hexdigest() == 'ff22941336956098ae9a564289d1bf1b':
found = True
break
assert found == True
def test_lsb_brute_1():
with tempfile.TemporaryDirectory() as tmpdirname:
args = [os.path.join(SCRIPTDIR, 'lsb_red_0.png'), '-out', tmpdirname, '-bruteLSB']
veritas = stegoveritas.StegoVeritas(args=args)
veritas.run()
_, _, files = next(os.walk(veritas._keeper_directory))
found = False
for f in files:
with open(os.path.join(veritas._keeper_directory, f),'rb') as f:
if hashlib.md5(f.read()).hexdigest() == '20ba8aa2da066e371747502079991071':
found = True
break
assert found == True
def test_steghide_password():
with tempfile.TemporaryDirectory() as tmpdirname:
args = [
os.path.join(SCRIPTDIR, 'owl_steghide_password.jpg'), '-out',
tmpdirname, '-steghide', '-password', 'ThisIsThePassword'
]
veritas = stegoveritas.StegoVeritas(args=args)
veritas.run()
hidden = glob(os.path.join(tmpdirname, 'steghide_*.bin'))
assert len(hidden) == 1
with open(os.path.join(tmpdirname, hidden[0]), "r") as f:
assert f.read().startswith("This is hidden!")
def test_filters_truncated_image():
with tempfile.TemporaryDirectory() as tmpdirname:
with lzma.open(os.path.join(SCRIPTDIR, 'pico2018-special-logo.bmp.xz'),
"rb") as f:
with open(os.path.join(tmpdirname, 'pico2018-special-logo.bmp'),
"wb") as g:
g.write(f.read())
args = [
os.path.join(tmpdirname, 'pico2018-special-logo.bmp'), '-out',
tmpdirname, '-imageTransform'
]
veritas = stegoveritas.StegoVeritas(args=args)
veritas.run()
assert len(glob(os.path.join(tmpdirname, "*"))) > 3
def test_extract_truncated_image():
with tempfile.TemporaryDirectory() as tmpdirname:
with lzma.open(os.path.join(SCRIPTDIR, 'pico2018-special-logo.bmp.xz'),
"rb") as f:
with open(os.path.join(tmpdirname, 'pico2018-special-logo.bmp'),
"wb") as g:
g.write(f.read())
args = [
os.path.join(tmpdirname, 'pico2018-special-logo.bmp'), '-out',
tmpdirname, '-extractLSB', '-red', '0', '-green', '0', '-blue', '0'
]
veritas = stegoveritas.StegoVeritas(args=args)
veritas.run()
# Just make sure it ran
assert os.path.exists(os.path.join(tmpdirname, 'LSBExtracted.bin'))
def test_trailing_gif():
with tempfile.TemporaryDirectory() as tmpdirname:
args = [
os.path.join(SCRIPTDIR, 'owl_trailing.gif'), '-out', tmpdirname,
'-trailing'
]
veritas = stegoveritas.StegoVeritas(args=args)
veritas.run()
_, _, files = next(os.walk(tmpdirname))
found = False
for f in files:
with open(os.path.join(tmpdirname, f), 'rb') as f:
if hashlib.md5(f.read()).hexdigest(
) == 'be737fc8ea2b8a13ae6420dc4cd09bfa':
found = True
break
assert found == True
def test_trailing_tiff():
# Turns out ffmpeg adds 4 extra '\x00\x00\x00\x00' at the end when converting to tiff. Thus the different md5sum.
with tempfile.TemporaryDirectory() as tmpdirname:
args = [
os.path.join(SCRIPTDIR, 'owl_trailing.tiff'), '-out', tmpdirname,
'-trailing'
]
veritas = stegoveritas.StegoVeritas(args=args)
veritas.run()
_, _, files = next(os.walk(tmpdirname))
found = False
for f in files:
with open(os.path.join(tmpdirname, f), 'rb') as f:
if hashlib.md5(f.read()).hexdigest(
) == 'df5b9f00a4e15cde88aa8c304033477b':
found = True
break
assert found == True
def test_exif_png():
with tempfile.TemporaryDirectory() as tmpdirname:
args = [os.path.join(SCRIPTDIR, 'owl_exif.png'), '-out', tmpdirname, '-exif']
veritas = stegoveritas.StegoVeritas(args=args)
veritas.run()
exifdir = os.path.join(tmpdirname, 'exif')
assert os.path.isdir(exifdir)
_, _, files = next(os.walk(exifdir))
found = False
for f in files:
with open(os.path.join(exifdir, f),'r') as f:
if "This is my inserted png chunk." in f.read():
found = True
break
assert found == True
def test_extract_frames_apng():
with tempfile.TemporaryDirectory() as tmpdirname:
args = [
os.path.join(SCRIPTDIR,
'Animated_PNG_example_bouncing_beach_ball.png'),
'-out', tmpdirname, '-extract_frames'
]
veritas = stegoveritas.StegoVeritas(args=args)
veritas.run()
frames = glob(os.path.join(tmpdirname, '*_frame_*.png'))
assert len(frames) == 20
expected_hashes = [
'4984cd34d8f67a060cc3ea0fab8fda80fe32e78e2290d3692d2681657d2674bb',
'46bff92f931cf247608bdb68b541d14559e7968969de2192190b0a65f735cde4',
'aab92ada01f7ccd13c5a2c31296385a2bb1cc2e94243f2041aac0808883b5cbe',
'cb5dc80b7f386daf0fffbda763f2c5465036ff38fbb76cd7ecfbcb829824006a',
'0b524223c49b671df97dacaa8807acf0fdade046fb2bdd3e7c2309457ca5004f',
'ad6b6c9cbe1f15c803356a4296f94c895c3747aaca8f977a272a83d6ebfdf676',
'379f74e77a2a2bf2a27a2d38b109a7b28decf6d577619f4117441afc21b01e6c',
'd4048ecf441fb11402996ccb7f33fbfe2d61e1660d9caa17114c245b44f3a629',
'cc62e051325746579f9fa913766e4b872f790a37b539e6c710d9cb4535f2ad16',
'2d8924862326066b46a6abef2aa61e150e6c933f57ec8280b83d8297d05be793',
'2619bf1ef0685aa3c9f8745393d43963f9f3c37021c8381ceabeae3038e0af1e',
'fa8db31b7a6ac3b96705d405cd9e3dc04b2b8d1b9dce24219db937c1f4c8ddaa',
'3876ab9e1a14a8b15c3e7e1b58474f0c35a9368c0a2dd149a3b226af3cc469c8',
'd94d61882216ae41e212e7e21994cea6ba195964046eb2399723331abefbe3b3',
'ff796a3ca22fca14819ebf0c6722dfa9b1fe7837396257b8fd9d05093398aee6',
'622873b75685aa17a060fa5bbb7fc2d3368e9a6260f7394f68ccd01efb6a9a3a',
'a6770e6b857c0d6d34b41c49b96eb9e5cf42a213d042b9c3ff79117bd9b716a2',
'd362b4cf63f2a1012cb0e2d17d3b263843d28136deb340edec4fbc2774e666b0',
'4ba41bd812ca08aaec3f60a07ec765ec8937602d53222b7b0fce46b9438a11c3',
'e859f886e3b65ec4e8f6cb14d31f32c36d1a8bf9a276c4f838f76dfae6ddf38d'
]
for f in frames:
assert SVImage.hash_file(os.path.join(tmpdirname,
f)) in expected_hashes
def test_carve_png_extract_extension_issue():
# This example binwalk apparently removes the original .png.gz while gunzipping it
# Just testing it won't crash mostly
with tempfile.TemporaryDirectory() as tmpdirname:
args = [
os.path.join(SCRIPTDIR, 'gz_in_jpeg_missing_extension.jpeg'),
'-out', tmpdirname, '-carve'
]
veritas = stegoveritas.StegoVeritas(args=args)
veritas.run()
_, _, files = next(os.walk(veritas._keeper_directory))
found = False
for f in files:
with open(os.path.join(veritas._keeper_directory, f), 'rb') as f:
if hashlib.md5(f.read()).hexdigest(
) == '315a9acd3ab3daebf5f7c812e512757d':
found = True
break
assert found is True
def test_xmp_jpg():
with tempfile.TemporaryDirectory() as tmpdirname:
args = [
os.path.join(SCRIPTDIR, 'owl_xmp.jpg'), '-out', tmpdirname, '-xmp'
]
veritas = stegoveritas.StegoVeritas(args=args)
veritas.run()
xmpdir = os.path.join(tmpdirname, 'xmp')
assert os.path.isdir(xmpdir)
_, _, files = next(os.walk(xmpdir))
found = False
for f in files:
with open(os.path.join(xmpdir, f), 'r') as f:
if 'This is some meta information.' in f.read():
found = True
break
assert found == True
def test_extract_frames_gif():
with tempfile.TemporaryDirectory() as tmpdirname:
args = [
os.path.join(SCRIPTDIR, 'colormap_stego.gif'), '-out', tmpdirname,
'-extract_frames'
]
veritas = stegoveritas.StegoVeritas(args=args)
veritas.run()
frames = glob(os.path.join(tmpdirname, '*_frame_*.gif'))
assert len(frames) == 3
expected_hashes = [
'9b20f6b8452dcae537a3f22fc7dc6ba6a6ee9515ba4cdb336b4b9bf0b315585b',
'0b62f28193c2cc87491b64bf87e8ed766563e0fd0bacaf8fecca518dcd92c40e',
'6f49579ae11418d8cd81034cb3259c454d798494bade011829ad39c9416e6ccf'
]
for f in frames:
assert SVImage.hash_file(os.path.join(tmpdirname,
f)) in expected_hashes
def test_test_output_binwalk():
with tempfile.TemporaryDirectory() as tmpdirname:
args = [
os.path.join(SCRIPTDIR, 'images', 'owl_trailing.jpg'), '-out',
tmpdirname
]
veritas = stegoveritas.StegoVeritas(args=args)
with open(veritas.file_name, 'rb') as f:
data = f.read()
veritas.test_output(data)
_, _, files = next(os.walk(veritas._keeper_directory))
found = False
for f in files:
with open(os.path.join(veritas._keeper_directory, f), 'rb') as f:
# text.txt
if hashlib.md5(f.read()).hexdigest(
) == 'ff22941336956098ae9a564289d1bf1b':
found = True
break
assert found == True
