Embed a payload within a PNG file by splitting the payload across multiple IDAT
sections. Each section is encrypted individually using its own 16-byte key with the RC4 encryption algorithm.
This repository consists of two implementations:
EmbedPayloadInPng.py
– Python script to embed an input payload to a specified PNG file.FetchPayloadFromPng
– Extract the payload from EmbedPayloadInPng.py
‘s outputted PNG file, and decrypt it using the ExtractDecryptedPayload function.EmbedPayloadInPng.py
to create the embedded payload PNG file:MARKED_IDAT_HASH
macro definition outputted by EmbedPayloadInPng.py
and replace it with the existing one in the FetchPayloadFromPng
project here.As mentioned earlier, EmbedPayloadInPng.py
is responsible for embedding the payload file within a PNG one. Below is the structure of a payload-embedded PNG file.
Since the maximum size of an IDAT
section is 8192 bytes, our payload is chunked to multiple IDAT
sections. Each section has a size equivalent to (8192 – 16 [RC4 key length]). Furthermore, The last IDAT
section will contain the remaining bytes of the payload.
The following images explain EmbedPayloadInPng.py
‘s output and compare it to the structure of the created PNG file:
IDAT
section, following our random section (in blue). This image also demonstrates the position of the CRC hash and the size of the randomized IDAT section beforehand (in yellow).Overview WhatsMyName is a free, community-driven OSINT tool designed to identify where a username exists…
Managing disk usage is a crucial task for Linux users and administrators alike. Understanding which…
Efficient disk space management is vital in Linux, especially for system administrators who manage servers…
Knowing how to check directory sizes in Linux is essential for managing disk space and…
Managing user accounts is a core responsibility for any Linux administrator. Whether you’re securing a…
Linux offers powerful command-line tools for system administrators to view and manage user accounts. Knowing…