-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathindex.php
executable file
·205 lines (182 loc) · 5.59 KB
/
index.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
<html>
<head>
<title>STEGIFY WEB - A WEB APPLICATION FOR STEGIFY IMAGE ENCODING</title>
<style>
h1 {
padding: 5px;
border: 5px solid white;
margin: 0 30%;
}
body {
text-align: center;
background-color: dodgerblue;
color: white;
font-family: Arial, Helvetica, sans-serif;
margin-left: 10%;
margin-right: 10%;
padding-top: 10px;
}
select,input {
padding: 5px;
border: 5px solid white;
background-color: white;
color: #555;
}
#submit {
font-weight: bold;
}
input:hover,select:hover {
border: 5px solid #555;
background-color: #555;
color: white;
}
.links {
font-size: 20px;
font-weight: bold;
}
a {
color: white;
}
a:hover {
font-style: italic;
color: white;
}
a:visited {
color: white;
}
</style>
<script src="jquery-3.4.1.min.js"></script>
<script>
$(document).ready(function(){
$('#code').on('change', function() {
if ( this.value == 'decode')
{
$(".encfile").hide();
}
else
{
$(".encfile").show();
}
});
});
</script>
</head>
<body>
<h1><a href="https://nabasny.com/stegify" style="text-decoration:none">STEGIFY WEB</a></h1>
<h2><i>A web-based application of <a href="https://github.com/DimitarPetrov/stegify" target="_blank">Stegify image encoding</a> developed by Dimitar Petrov.<br />Hide information and files inside of images.</i></h2>
<br />
<form name="input" action="index.php" method="POST" enctype="multipart/form-data">
<h3>STEP 1: SELECT ENCODE / DECODE</h3>
<select id="code" name="code">
<option value="encode">Encode</option>
<option value="decode">Decode</option>
</select>
<br /><br />
<h3>STEP 2: UPLOAD IMAGES</h3>
Order matters! Files will not decode correctly if the encoded images are not uploaded in the same order that they were encoded in.<br />
<br />
Accepted Formats: <tt><b><font color="#555">JPG, JPEG, PNG</font></tt></b><br />
<br />
<font color="#FFA5F0">Before encoding, remove spaces from filenames!</font><br />
<br />
<input type="file" name="file[]" id="1pic"><br />
<input type="file" name="file[]" id="2"><br />
<input type="file" name="file[]" id="3"><br />
<br />
<div id="encode" class="encfile">
<h3>STEP 3: ADD HIDDEN FILE</h3>
<input type="file" name="hidden" id="hidden"><br />
</div>
<br />
<br />
<input name="submit" id="submit" type="submit" value="STEGIFY" />
</form>
<br /><br />
<?php
function rm_dir($target) {
if(is_dir($target)){
$allfiles = glob( $target . '*', GLOB_MARK ); //GLOB_MARK adds a slash to directories returned
foreach( $allfiles as $file ){
rm_dir( $file );
}
rmdir( $target );
} elseif(is_file($target)) {
unlink( $target );
}
}
if(isset($_POST['submit'])){
// set variables
$method = $_POST["code"];
$carriers = "";
$result = "";
// create working directory
$hash = bin2hex(random_bytes(8));
$oldmask = umask(0);
mkdir($hash, 0777);
umask($oldmask);
// count number of files to be uploaded (always 3 in this implementation)
$countfiles = count($_FILES['file']['name']);
if ($method == "encode") {
// loop through files
for($i=0;$i<$countfiles;$i++){
$filename = $_FILES['file']['name'][$i];
// upload carriers, check file types, and record filenames
if (move_uploaded_file($_FILES['file']['tmp_name'][$i], $hash . '/' . $filename)) {
$imageFileType = strtolower(pathinfo($hash . '/' . $filename,PATHINFO_EXTENSION));
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" ) {
echo "Sorry, you must use a JPG, JPEG, or PNG file!";
rm_dir($hash . '/');
exit();
}
$carriers = $carriers . $hash . '/' . $filename . " ";
$result = $result . $hash . '/encoded-' . $filename . " ";
}
}
// upload data to be hidden
move_uploaded_file($_FILES["hidden"]["tmp_name"], $hash . "/hidden");
// trim trailing space in filenames
$carriers = substr_replace($carriers ,"", -1);
$result = substr_replace($result ,"", -1);
// encode
$cmd = './stegify encode --carriers "' . $carriers . '" -d ' . $hash . '/hidden -r "' . $result . '"';
$output = shell_exec($cmd);
if ($output != "") { echo 'Error! Could not encode file. Try another image.'; exit(); }
// display link to encoded files
$files = preg_split('/ +/', $result);
echo '<div class="links">';
for($i=0;$i<4;$i++) {
if ($files[$i] != "") {
echo '<a href="' . $files[$i] . '" download>Download Encoded Image ' . $i . "</a><br />";
} else {
echo '<br /><i>Images will be available for 24 hours only.</i></div>';
exit();
}
}
} elseif ($method = "decode") {
// loop through files
for($i=0;$i<$countfiles;$i++){
$filename = $_FILES['file']['name'][$i];
// upload carriers, check file types, and record filenames
if (move_uploaded_file($_FILES['file']['tmp_name'][$i], $hash . '/' . $filename)) {
$imageFileType = strtolower(pathinfo($hash . '/' . $filename,PATHINFO_EXTENSION));
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" ) {
echo "Sorry, you must use a JPG, JPEG, or PNG file!";
rm_dir($hash . '/');
exit();
}
$carriers = $carriers . $hash . '/' . $filename . " ";
}
}
// trim trailing space in filenames
$carriers = substr_replace($carriers ,"", -1);
// decode
$cmd = './stegify decode --carriers "' . $carriers . '" -r ' . $hash . '/data';
$output = shell_exec($cmd);
if ($output != "") { echo 'Error! Could not decode file. Did you put the images in the right order?'; exit(); }
// link to decoded file
echo '<div class="links"><a href="' . $hash . '/data" download>Download Decoded File</a><br /><br /><i>File exists for 30 seconds. After that, it is removed from the server.</i></div>';
}
}
?>
</body>
</html>