Kali Linux

Chaya : Advance Image Steganography

Chaya protects your privacy through steganography, cryptography and compression. It effectively encrypts your payloads using AES-256-GCM cryptography, embeds them using LSB-LPS steganography technique into images and compresses them using FLIF to evade detection by performing lossless compression.

Chaya is for your privacy. Chaya is backed by research (I will publish public version whitepaper on xerohack.com), and has proven to be by far the most effective image steganography tool as compared to other FOSS image steganography tools.

WHY CHAYA IS BETTER THAN THE REST?

  • 0% detection rate using most of the publically available anti-steg tools like stegexpose and many more
  • 100% data retention with almost the same capacity of standard LSB technique with LBS-LPS
  • Transparent cryptography that gets as good as python has to offer

There is no way this can be broken using a standard supercomputer unless there are exploits in python libs and python itself.. LSB-LPS will take exponetially large time to brute-force with larger graph images because you will have to attack every X,Y coordinates combo without any error. Making an ML to do so is also quite useless and can be only used for Natural language processing for example: which message is readable to find the coordinates. AFTER THAT, you have to break the encryption. MOREOVER, NLP ML cannot find the coordinates because the bruteforce results will be ciphertext anyway. If for some reason the attacker knows the coordinates to start the de-steg process, they will have to break AES-GCM-256. GCM is better because it offers integrity along with confidentiality, which is why it’s the better AES mode).

United Nations Declaration of Human Rights (UDHR) 1948, Article 12 – “No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honor and reputation. Everyone has the right to the protection of the law against such interference or attacks.”

International Covenant on Civil and Political Rights (ICCPR) 1966, Article 1 – “No one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence, nor to unlawful attacks on his honor or reputation. Everyone has the right to the protection of the law against such interference or attacks.”

Features

  • Supports AES-256-GCM cryptography
  • Supports Standard LSB steganography
  • Supports LSB-LPS steganography
  • Supports FLIF lossless compression
  • Cipher data logs as json
  • Analytics support for your experiments
  • Supports json to csv conversions
  • Highly verbose cipher data logs
  • Workspace Cleaner
  • Easy installer for initial setup
  • Comes with easy updater

Installation

One Line Setup

Use the following command for faster setup:

Command For Ubuntu Based Distros

sudo apt install python3-pip && sudo apt install git && git clone –depth=1 https://github.com/xerohackcom/Chaya.git && cd Chaya && pip3 install -r requirements.txt && sudo apt update && sudo apt-add-repository ppa:linuxuprising/libpng12 && sudo apt update && sudo apt install -y libpng12-0

Command For Debian Based Distros

sudo apt install python3-pip && sudo apt install git && git clone –depth=1 https://github.com/xerohackcom/Chaya.git && cd Chaya && pip3 install -r requirements.txt && sudo apt update && sudo apt install build-essential devscripts && cd ~/ && sudo touch /etc/apt/sources.list.d/libpng12.list && echo “deb https://ppa.launchpadcontent.net/linuxuprising/libpng12/ubuntu hirsute main” | sudo tee -a /etc/apt/sources.list.d/libpng12.list && echo “deb-src https://ppa.launchpadcontent.net/linuxuprising/libpng12/ubuntu hirsute main” | sudo tee -a /etc/apt/sources.list.d/libpng12.list && sudo apt-key adv –keyserver hkp://keyserver.ubuntu.com:80 –recv-keys 1CC3D16E460A94EE17FE581CEA8CACC073C3DB2A && sudo apt update && sudo apt install -y libpng12-0

Using Installer.py

You can install the dependencies using installer.py script. Run the following commands in terminal:

sudo apt install python3-pip && sudo apt install git && git clone –depth=1 https://github.com/xerohackcom/Chaya.git && cd Chaya

Ubuntu Based Distros

python3 installer.py –ubuntu

Debian Based Distros

python3 installer.py –debian

Usage

Help Menu

python3 chaya.py –help

Automatic Operations

  • First add few images (png format) to /autoexp/image_raw/
  • Remove the txt file from all autoexp sub-folders to avoid errors!
  • Run the following command

python3 chaya.py -enc

Output Data

  • Enc + Steg images -> /autoexp/image_steg/
  • Enc + Steg + Comp images -> /autoexp/image_steg_comp/
  • Cipher data -> /appdata/cipher_data.json
  • Analysis data -> /appdata/analysis_results_enc.json
R K

Recent Posts

Bomber : Navigating Security Vulnerabilities In SBOMs

bomber is an application that scans SBOMs for security vulnerabilities. So you've asked a vendor…

3 hours ago

EmbedPayloadInPng : A Guide To Embedding And Extracting Encrypted Payloads In PNG Files

Embed a payload within a PNG file by splitting the payload across multiple IDAT sections.…

3 hours ago

Exploit Street – Navigating The New Terrain Of Windows LPEs

Exploit-Street, where we dive into the ever-evolving world of cybersecurity with a focus on Local…

2 days ago

ShadowDumper – Advanced Techniques For LSASS Memory Extraction

Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service)…

3 days ago

Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research

shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…

2 weeks ago

ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK

Extract and execute a PE embedded within a PNG file using an LNK file. The…

3 weeks ago