kurolabs / stegcloak Goto Github PK
View Code? Open in Web Editor NEWHide secrets with invisible characters in plain text securely using passwords 🧙🏻♂️⭐
Home Page: https://stegcloak.surge.sh
License: Other
Hide secrets with invisible characters in plain text securely using passwords 🧙🏻♂️⭐
Home Page: https://stegcloak.surge.sh
License: Other
My cover may be one word.
I am getting this error:
RangeError: Input buffers must have the same byte length
at decrypt (/home/runner/encryptstuff/node_modules/stegcloak/components/encrypt.js:41:10)
at StegCloak.reveal (/home/runner/encryptstuff/node_modules/stegcloak/stegcloak.js:94:7)
at /home/runner/encryptstuff/index.js:24:22
at Layer.handle [as handle_request] (/home/runner/encryptstuff/node_modules/express/lib/router/layer.js:95:5)
at next (/home/runner/encryptstuff/node_modules/express/lib/router/route.js:137:13)
at next (/home/runner/encryptstuff/node_modules/express/lib/router/route.js:131:14)
at next (/home/runner/encryptstuff/node_modules/express/lib/router/route.js:131:14)
at next (/home/runner/encryptstuff/node_modules/express/lib/router/route.js:131:14)
at next (/home/runner/encryptstuff/node_modules/express/lib/router/route.js:131:14)
at next (/home/runner/encryptstuff/node_modules/express/lib/router/route.js:131:14)
Using this code to decrypt:
// Use an express route, suitable for either GET or POST
app.all("/decrypt", (req, res) => {
// Conbining req.query and req.body
var body = {...req.query, ...req.body}
// Enc is a 'new Stegcloak(true, false)'
let decrypted = enc.reveal(body.data || body.text, body.password || body.pass);
// Log
console.log(decrypted)
// Send to client
res.json(decrypted);
})
With this form body:
// POST /decrypt
{
"text": "Here's the code!",
"pass": "42"
}
Encrypted this:
// POST /encrypt
{
"hide": "chrome.contextMenus.create({ id: `encrypt`, title: `Encrypt "%s"`, contexts: [\'selection\'], onclick: (info) => { const { menuItemId: id , selectionText: selected } = info; console.log(info); encrypt(selected).then((res) => { prompt(_gui.encrypt, res) }); } }, log("Created context menu"))",
"show": "Here's the code!",
"pass": "42"
}
Express code to encrypt:
app.all("/encrypt", (req, res) => {
var body = {...req.query, ...req.body}
let encrypted = enc.hide(body.secret || body.hide, body.password || body.pass, body.cover || body.show || body.text)
res.json(encrypted);
})
Please make normal, regular demo for people like me who are not familiar with coding, api usage, or React.
Just a standard click-to-open index.html where your excellent script works without a need for react.
Hello. First of all, thank you for making a nice library.
And i found one interesting thing about using this library.
I own Android, Mac and iOS and have tested the equipment.
The tests on my equipment were successful,
but some of the transparent letters were visible to window users.
I sent the message below to my friends who can see the transparent string,
and I received the answer below.
so... it's looks like a U+2060 has can be seeing when the
user are have some windows machines.
I recommend deleting U+2060 to improve the completeness of this library.
it would be great if there is typescript support
Hi!
Exist a version of this epic tool can run without npm?
Hiding files in strings can be achieved by uploading the file to cloud and stegcloaking the link in the string
From your readme, would it be possible to base64 the binary into a string? Perhaps this is something that could be supported?
hi. i found this site https://stegcloak.surge.sh/ and i really need it. but when i click on "get the secret" just a white screen, how do i solve this problem?
I use the API, even wrong password returns value but not a false or null, so I can not find a way to check failed.
I tried 3 different browsers on android
Chrome - version 55.0.2883.91
Link Bubble - version 1.9.58
Tet Aide - version 9.0 beta 3a
on all 3 the "your secret" box never changes. It just remains /secret/.
What is the problem? If it's just javascript it shouldn't be that different from one device (or version) to another, should it?
When I try to get the content from the out.txt file, then python does not want to perceive the content normally. For generate random text i use lorem_text.
In file:
Veniam adipisci tempora explicabo natus atque eius architecto dignissimos, praesentium ad odio eligendi eum voluptate vero alias id?
In console:
Veniam ⁡‍‌‍⁤⁡⁡⁡‌⁡⁢⁡‌‍⁣⁣⁣⁢⁡‍⁣‍⁡⁢‍‍⁡⁤‌‍‍⁢⁡‌⁡‌⁤⁡⁡adipisci tempora explicabo natus atque eius architecto dignissimos, praesentium ad odio eligendi eum voluptate vero alias id?
How I can get the text in normal form?
This particular UTF Character (HEX \xe2\x81\xa4
or E281A4
, HTML Entity ⁤
) renders as a ?
or a square character (depending on the font) in iOS Safari HTML page.
Tested in iPadOS 13.5.1 with Safari.
I tried to do a minimum reproducibility test and the best I could do was this https://codepen.io/daniele-pelagatti/pen/ExPbEYO in the HTML Tab, if you open it in iOS it should show the caracter. It doesn't show in the result windows through for some reason.
Logically you can figure out some of the items are different parameter sets, but the docs don't make that clear.
What does cover mean here, the key/password? I think it may be clearer to change the name. Does it work to pass a file and a secret? Probably not. Are outputs on stdout or is it mandatory to specify output?
hide [options] [secret] [cover]
-f, --file <file> Extract input from file
-n, --nocrypt If you don't need encryption (default: false)
-i, --integrity If additional security of preventing tampering is needed (default: false)
-o, --output <output> Stream the results to an output file
-h, --help display help for command
Similar questions here, where do you pass [cover]
here to decrypt the string? Options aren't stated in the same format as the previous example.
reveal [data]
-f, --file <file> Extract input from file
-cp, --clip Copy Data directly from clipboard
-o, --output <output> Stream the secret to an output file
-h, --help display help for command
Provide a file or cdn to use it on web
As discussed in #8, we should add a --config
option in case people want to use StegCloak in languages other than Node - the current interactive nature of the CLI tool is a problem in those cases.
Trying to change the ZWCs and the amount of them used to three on this line here in stegcloak.js.
const zwc = ["", "", ""]; (200c, 200d, 200b)
It looks like the shrink and expand function expect 5 and 6 characters so is there an easy way to limit it to user three or two? Thank you.
Hi guys, very cool project. I found it via your article.
In that article, you detail how you use the 6 special characters during the encoding/compression phases. But in your readme here and in your source code, you use 7 characters. The one that's left out of the article is U+2061 (Function Application). So just for clarification, is that one truly a web-safe, cross-platform invisible character? And do you use it in that second compression step to replace 2 Cs or 2 Ds?
For example via gettext or a similar tool to support other languages.
Just wanted to ask if it's possible to host your own version of https://stegcloak.surge.sh/ with the npm package stegcloak
and if so, how?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.