katana.units.stego.stegsolve — Run Stegsolve¶
Reveal color planes on an image with stegsolve.
This unit is a Python implementation of stegsolve.jar, which is often
used for CTF challenges.
You can supply a channel or plane index to specifically extract, but
if these arguments are not given the unit will bruteforce and grab the least
4 bits of each color channel (R, G, B, typically).
The unit inherits from katana.unit.FileUnit to ensure the target
is an image file.
-
class
katana.units.stego.stegsolve.Unit(*args, **kwargs) Bases:
katana.unit.FileUnit-
BLOCKED_GROUPS= ['stego', 'forensics'] Blocked groups…. do not recurse into forensics because running binwalk or foremost on new images serves no real purpose
-
GROUPS= ['stego', 'image', 'stegsolve'] These are “tags” for a unit. Considering it is a Stego unit, “stego” is included, as well as the tag “image”, and the name of the unit itself, “stegsolve”.
-
PRIORITY= 70 Priority works with 0 being the highest priority, and 100 being the lowest priority. 50 is the default priorty. This unit has a priorty of 70.
-
RECURSE_SELF= False Recurssion would be silly in this case.
-
enumerate() This function will first yield the
channelandplanethat are supplied as arguments by the end-user. If they are not supplied, by default it will loop through all colors channels and the least 4 bits to extract from the target. Thesechannelandplanepairs will be presented as a tuple, to be used by theevaluatefunction.
-
evaluate(case) Evaluate the target. Create new images on specific color channels and their specified bit indexes.
Parameters: case – A case returned by enumerate. For this unit, this will be a tuple with the channel (R, G, B) and plane (0-7) to extract.Returns: None. This function should not return any data.
-
-
katana.units.stego.stegsolve.get_plane(img, data, channel: str, index: str = 0) Get a new image showcasing only one channel and index of an image.
Parameters: - img – The Python PIL original image object
- data – The pixel data of the original image object
- channel – The channel to extract, as a string (e.g. “R”, “G”, “B”)
- index – The specific bit index (0-7) you want to extract
Returns: A new Python PIL image with only the given channel and index.