Steganalysis web platform
JavaScript Python CSS HTML Dockerfile Shell
Type Name Latest commit message Commit time
build/flask Binwalk Ok Sep 18, 2019
data fix download due to async loading Oct 3, 2019
examples INIT Aperisolve Repo Aug 21, 2019
README.md Update README.md Oct 12, 2019
docker-compose.yml INIT, part2 Aug 21, 2019
start.sh INIT, part2 Aug 21, 2019

README.md

Aperi'Solve


Try it now: https://aperisolve.fr

I . What is Aperi'Solve?

Aperi'Solve is a platform which performs layer analysis on images.
The platform also uses "zsteg", "steghide", "exiftool", "binwalk" and "strings" for deeper steganography analysis.

II . Why Aperi'Solve

Aperi'Solve has been created in order to have an "easy to use" platform which performs common steganalysis tests such as LSB or steghide. The platform and Dockerfile are also a quick alternative for people who didn't manage to install zsteg (ruby gem) properly.

III . Features

Aperi'Solve is based on Python 3 with Flask and the PIL module. The platform currently supports the following image formats: .png, .jpg, .gif, .bmp, .jpeg, .jfif, .jpe, .tiff.

The platform allows you to:

  • Visualise each bit layer of each channel for a given image (e.g. LSB of the Red channel).
  • Browse and download each bit layer image.
  • Visualise zsteg information such as text encoded on LSB
  • Download zsteg files such as mp3 encoded on LSB
  • Download steghide files using a defined password
  • Visualise exiftool information such as geolocation or author
  • Visualise binwalk information
  • Download binwalk files such as zip in png headers
  • Visualise strings output

IV . Application

The Aperi'Solve platform is a Flask (Python 3.7) application. The source code is located in the /data folder. The platform has been split as follows:

  • app.py : Contains web routes and main application variables
  • stega.py : Contains steganography functions. Layer decomposition is performed with numpy.
  • appfunct.py : Contains functions used in both app.py and stega.py.
  • /templates : index.html (html view)
  • /static : Images, JavaScript and CSS
  • /uploads : Uploaded images and working directory for steganography tools
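
The bit-layer view listed under Features (for instance the LSB of the Red channel) can be reproduced in a few lines. The following is an added example, not code from stega.py: the function names are hypothetical, it uses plain Python lists instead of numpy and PIL so it runs without dependencies, and the sample image and hidden string are constructed. Reading the plane row by row, MSB first, is one assumed bit order among the several that tools such as zsteg try.

```python
# Added example: pure-Python bit-layer decomposition (names are hypothetical).
CHANNELS = {"R": 0, "G": 1, "B": 2}

def bit_layer(pixels, channel, bit):
    """Return the 0/1 plane for one bit (0 = LSB) of one channel of RGB rows."""
    idx = CHANNELS[channel]
    return [[(px[idx] >> bit) & 1 for px in row] for row in pixels]

def layer_to_grayscale(layer):
    """Scale a 0/1 plane to 0/255 so it can be displayed as an image."""
    return [[255 * b for b in row] for row in layer]

def layer_to_bytes(layer):
    """Read a plane row by row, packing 8 bits (MSB first) per byte."""
    bits = [b for row in layer for b in row]
    out = bytearray()
    for i in range(0, len(bits) - len(bits) % 8, 8):
        byte = 0
        for b in bits[i:i + 8]:
            byte = (byte << 1) | b
        out.append(byte)
    return bytes(out)

def printable_prefix(data):
    """Return the leading run of printable ASCII found in the extracted bytes."""
    end = 0
    while end < len(data) and 32 <= data[end] < 127:
        end += 1
    return data[:end].decode("ascii")

def make_sample(width, height, secret):
    """Constructed test image: a gradient with `secret` stored in red LSBs."""
    bits = [(byte >> (7 - k)) & 1 for byte in secret for k in range(8)]
    rows = []
    for y in range(height):
        row = []
        for x in range(width):
            n = y * width + x
            r = (x * 16 + y) & 0xFE           # cover value with LSB cleared
            r |= bits[n] if n < len(bits) else 0
            row.append((r, (x * 8) & 0xFF, (y * 8) & 0xFF))
        rows.append(row)
    return rows

if __name__ == "__main__":
    img = make_sample(16, 16, b"flag{constructed}")
    print(printable_prefix(layer_to_bytes(bit_layer(img, "R", 0))))
```

The high bit layers still look like the gradient, while the red LSB layer carries the constructed string; that contrast is what the per-layer view makes visible.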

V . Installation with Docker

A Dockerfile is provided in /build/flask and a docker-compose.yml is available in the root directory.

  1. Download the repository:

     git clone https://github.com/Zeecka/AperiSolve.git

  2. Configure docker-compose.yml if needed (e.g. change APP_PORT=80 to APP_PORT=8888 if port 80 is already used).

  3. Pull, Build, Run:

     docker-compose pull
     docker-compose build
     docker-compose up

  4. Access the web platform and enjoy! (usually http://localhost/)

VI . Manual Installation (not recommended)

As said at the beginning of this file, some of these tools, such as zsteg and exiftool, may not be easy to install. Aperi'Solve has been created to package the installation in a Docker container and provide web access to the platform. If you still want to install the dependencies yourself, here are the requirements:

  • Install Python and pip (version 3.7+):
      apt install python3-dev
  • Install Python requirements (PIL, Numpy, ...):
      cd build/flask/
      pip3 install -r requirements
  • Install ruby and ruby-dev:
      apt install ruby ruby-dev
  • Install zsteg:
      gem install zsteg --no-ri --no-rdoc
  • Install steghide:
      apt install steghide
  • Install exiftool:
      apt install perl libimage-exiftool-perl
  • Install 7z:
      apt install p7zip

Then, run:

python3 app.py

TODO

  • Implement Foremost ?
  • Implement PNGcheck ?
  • Implement stegoVeritas ?
  • ...