Embed a payload within a PNG file by splitting the payload across multiple IDAT
sections. Each section is encrypted individually using its own 16-byte key with the RC4 encryption algorithm.
This repository consists of two implementations:
EmbedPayloadInPng.py
– Python script to embed an input payload to a specified PNG file.FetchPayloadFromPng
– Extract the payload from EmbedPayloadInPng.py
‘s outputted PNG file, and decrypt it using the ExtractDecryptedPayload function.EmbedPayloadInPng.py
to create the embedded payload PNG file:MARKED_IDAT_HASH
macro definition outputted by EmbedPayloadInPng.py
and replace it with the existing one in the FetchPayloadFromPng
project here.As mentioned earlier, EmbedPayloadInPng.py
is responsible for embedding the payload file within a PNG one. Below is the structure of a payload-embedded PNG file.
Since the maximum size of an IDAT
section is 8192 bytes, our payload is chunked to multiple IDAT
sections. Each section has a size equivalent to (8192 – 16 [RC4 key length]). Furthermore, The last IDAT
section will contain the remaining bytes of the payload.
The following images explain EmbedPayloadInPng.py
‘s output and compare it to the structure of the created PNG file:
IDAT
section, following our random section (in blue). This image also demonstrates the position of the CRC hash and the size of the randomized IDAT section beforehand (in yellow).Introduction to the Model Context Protocol (MCP) The Model Context Protocol (MCP) is an open…
While file extensions in Linux are optional and often misleading, the file command helps decode what a…
The touch command is one of the quickest ways to create new empty files or update timestamps…
Handling large numbers of files is routine for Linux users, and that’s where the find command shines.…
Managing files and directories is foundational for Linux workflows, and the mv (“move”) command makes it easy…
Creating directories is one of the earliest skills you'll use on a Linux system. The mkdir (make…