GG-AESY: Hide cool stuff in images
To start off, I strongly recommend always using GG-AESY in verbose mode or very verbose mode. If you are not using it in unmanaged loaders, I also recommend always specifying an outfile. Pay attention with very verbose mode though, especially if you are hiding big payloads, as very verbose mode will print the byte array to the console.
Having said that, let's dive into the manual for this baby.
WARNING: you may need to restore NuGet packages and restart Visual Studio before compiling. If anybody knows how I can get rid of this problem, DM me.
Blogpost: https://redteamer.tips/introducing-gg-aesy-a-stegocryptor/
Project page: https://github.com/jfmaes/GG-AESY
V1.. by twitter.com/Jean_Maes_1994
Encryptor and (optional) stegano
Usage:
  -h, -?, --help             Show Help
  -e, --encrypt-only         Only encrypts given payload
  -d, --decrypt              decryption mode
      --ps, --payload-size=VALUE
                             only needed if extracting payload from image for
                               decryption
      --ef, --encrypted-file=VALUE
                             ENCRYPTION: The outfile for encrypted data
                               DECRYPTION: The inputfile needed to decrypt the
                               payload.
  -p, --payload=VALUE        The path to the payload you want to encrypt
  -o, --outfile=VALUE        The path to the outfile where all crucial info
                               will be written to (key, iv and encrypted
                               payload)
  -i, --image=VALUE          The image file to hide the key and/or IV in,
                               currently only supports JPEG (JPG) format!
      --ok, --offset-key=VALUE
                             The offset to search for the key in image (in
                               decimal)
      --okh, --offset-key-hex=VALUE
                             The offset to search for the key in image (in
                               hex)
      --oIV, --offset-IV=VALUE
                             The offset to search for the IV in image (in
                               decimal)
      --oIVh, --offset-IV-hex=VALUE
                             The offset to search for the IV in image (in
                               hex)
      --op, --offset-payload=VALUE
                             The offset to search for the payload in image
                               (in decimal)
      --oph, --offset-payload-hex=VALUE
                             The offset to search for the payload in image
                               (in hex)
  -v, --verbose              write all the good stuff to console, recommended
                               you actually always use this.
      --vv, --very-verbose   prints encrypted payload array to console
  -k, --key=VALUE            in case you want to use your own key value!
      --IV, --initialization-vector=VALUE
                             in case you want to use your own IV
      --rk, --random-key-mode
                             will hide your key in a random insertion point
                               in the provided image, without breaking said
                               image. will print the offset to console
      --ra, --random-all-mode
                             will hide both key and IV in a random insertion
                               point of the image.
      --ak, --append-key-mode
                             will hide the key at the end of the image file
      --aa, --append-all-mode
                             will hide the key and the IV at the end of the
                               image file.
      --ap, --append-payload-mode
                             will hide the payload at the end of the image
                               file
      --rp, --random-payload-mode
                             will hide the payload at a random insertion
                               point.
      --apu, --append-payload-unencrypted
                             appends your payload without crypto, useful for
                               quick and dirty data exfil.
-e or --encrypt-only: Will only encrypt a given payload (-p). It will write the key/IV to the console if using verbose mode, will write the key/IV/payload into an outfile if using the outfile (-o) flag, and finally will write the bytestream to a separate file if using the encrypted file (-ef) flag.
-d or --decrypt: Decryption mode. You can specify the decryption parameters using offsets (in case you have a hidden key, or key and IV, in a JPEG). Offsets are passed to the program using either the offset-key (-ok) or offset-key-hex (-okh) flags. You can use “-” as separators or just paste in the hex without any separators; both will work fine. IVs work the same way using the -oIV and -oIVh flags.
Alternatively, you can give the IV and key directly (in case they are not hidden in a JPEG), using the key (-k) and initialization-vector (-IV) flags. As with the offset flags, “-” can be used as a separator. GG-AESY accepts both ASCII and byte values.
In order to decrypt, you will also need to specify an encrypted file (-ef).
Should you have hidden a payload in a JPEG and would like to decrypt it, you'll have to specify the payload size (-ps) so GG-AESY will extract all data correctly without false positives/false negatives 🙂.
-u or --unpack: Will unpack unencrypted appended payloads (-apu mode) from the JPEG.
Stego modes:
If no key/IV is provided, a random key/IV will be used to encrypt your data. All stego modes require you to pass GG-AESY a JPEG image (-i). If you have specified an outfile (-o) to save your crucial information about the crypto (such as key, IV, payload), all stego modes will also include the injection points in this file.
-rk or --random-key-mode: This stego mode will hide your AES-256 key at a random injection point.
-ra or --random-all-mode: This stego mode will hide both your AES-256 key and IV at a random injection point. Both injection points can be the same (it's a random selection process); in this case, the key and IV will be injected back to back.
-ak or --append-key-mode: This stego mode will append the AES-256 key at the end of the JPEG.
-aa or --append-all-mode: This stego mode will append both the AES-256 key and IV at the end of the JPEG.
-ap or --append-payload-mode: This stego mode will append the encrypted payload bytestream to the end of the JPEG.
-rp or --random-payload-mode: This stego mode will inject the encrypted payload bytestream at a random injection point. Warning: This only works if your payload does not exceed 65,535 bytes, which is about 65kb. If you try a larger payload, an error will be thrown in your face. Needless to say, this mode is almost useless 🙂
-apu or --append-payload-unencrypted: This stego mode will append the payload bytestream as-is to the end of the JPEG.
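From the detection side, the append modes above leave bytes after the JPEG end-of-image (EOI) marker. The following is an added example, not part of GG-AESY: it walks the marker segments to find the real EOI and reports what follows it. The function names, the constructed sample file and the assumption that keys and IVs are appended as raw, unframed bytes are this example's own.

```python
import math
import struct
from collections import Counter

def find_eoi_end(data: bytes) -> int:
    """Walk the JPEG marker segments; return the offset just past the real EOI."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("missing SOI marker, not a JPEG")
    pos = 2
    while pos + 2 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        marker = data[pos + 1]
        if marker == 0xD9:  # EOI: the image ends here
            return pos + 2
        if marker in (0xFF, 0x01) or 0xD0 <= marker <= 0xD7:
            pos += 1 if marker == 0xFF else 2  # fill byte, or marker without length
            continue
        if pos + 4 > len(data):
            break
        pos += 2 + struct.unpack_from(">H", data, pos + 2)[0]  # 16-bit segment length
        if marker == 0xDA:  # SOS: skip scan data (FF00 stuffing, RSTn) to next marker
            while pos + 1 < len(data) and not (
                data[pos] == 0xFF and data[pos + 1] not in (0x00, 0xFF)
                and not 0xD0 <= data[pos + 1] <= 0xD7
            ):
                pos += 1
    raise ValueError("no EOI marker found")

def shannon_entropy(blob: bytes) -> float:
    """Bits per byte; encrypted payloads sit close to 8.0 once they are large enough."""
    counts = Counter(blob)
    return -sum(c / len(blob) * math.log2(c / len(blob)) for c in counts.values()) if blob else 0.0

def triage_jpeg(data: bytes) -> dict:
    """Report what follows EOI. Size hints assume raw, unframed appends (an assumption)."""
    end = find_eoi_end(data)
    tail = data[end:]
    hints = {0: "clean", 32: "AES-256 key size", 48: "AES-256 key + 16-byte IV size"}
    return {"eoi_end": end, "tail_len": len(tail), "hint": hints.get(len(tail), "trailing data"),
            "entropy": round(shannon_entropy(tail), 2)}

def sample_jpeg(tail: bytes = b"") -> bytes:
    """Constructed marker skeleton (not a decodable image) with a decoy FFD9 inside APP1."""
    app1 = b"\xff\xe1" + struct.pack(">H", 8) + b"ab\xff\xd9cd"
    sos_scan = b"\xff\xda" + struct.pack(">H", 3) + b"\x00" + b"\x12\xff\x00\x34\xff\xd0\x56"
    return b"\xff\xd8" + app1 + sos_scan + b"\xff\xd9" + tail

if __name__ == "__main__":
    print(triage_jpeg(sample_jpeg(bytes(range(48)))))  # constructed stand-in for key + IV
```

Some legitimate software also writes data after EOI, so a non-empty tail is a triage signal to investigate rather than proof of hidden content.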
DISCLAIMER: This tool is in EARLY BETA. It has not been battle-tested yet, so please submit improvements through PRs or raise issues in case of bugs. However, due to my current workload, active development on this tool from my end will not be possible at this time.
This does not mean I'm abandoning this project though 🙂
The post GG-AESY: Hide cool stuff in images appeared first on Hakin9 – IT Security Magazine.