Stupid simple steganography webapp
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
public
.gitignore
LICENSE
README.md
index.js
package.json
server.js
steghide.js

README.md

Stupid simple steghide webapp. Not secure at all.

Dependencies

The host system must provide the steghide command. Your Linux distribution probably has a package by this name.

Usage

Install the dependencies and start the app.

$ npm install
$ npm start

Now POST an image file, a message file and a password to http://localhost:8080/embed. The server will respond with a binary stream of the image with the secret embedded. The following example reproduces the one from this guide:

$ curl -F coverImage=@tux.jpg -F secretFile=@mytext.txt -F extractionPassword=scottlinux http://localhost:8080/embed > stegtux.jpg

Alternatively, fire up http://localhost:8080 in your browser and fill in the form.

Disclaimer

This software is, in its current incarnation, NOT SECURE in any sense of the word. It was lazily whipped together in a few hours as a fun proof of concept. DO NOT USE THIS SOFTWARE FOR ANYTHING YOU ACTUALLY NEED TO HIDE OR PROTECT.