From 666dc8a40d7fadc28d32fe89ec283109820fde0f Mon Sep 17 00:00:00 2001 From: grimmlin Date: Fri, 13 Nov 2009 10:17:45 +0000 Subject: [PATCH] * Added stegdetect --- app-forensics/stegdetect/Manifest | 3 + .../stegdetect/files/stegdetect-0.6.patch | 239 ++++++++++++++++++ .../stegdetect/stegdetect-0.6.ebuild | 36 +++ 3 files changed, 278 insertions(+) create mode 100644 app-forensics/stegdetect/Manifest create mode 100644 app-forensics/stegdetect/files/stegdetect-0.6.patch create mode 100644 app-forensics/stegdetect/stegdetect-0.6.ebuild diff --git a/app-forensics/stegdetect/Manifest b/app-forensics/stegdetect/Manifest new file mode 100644 index 000000000..5466770bc --- /dev/null +++ b/app-forensics/stegdetect/Manifest @@ -0,0 +1,3 @@ +AUX stegdetect-0.6.patch 7339 RMD160 5afd9142dd93eadce0d7b0841ead265c03a0ce30 SHA1 d6aad7f066407239de56aaa7ee7a486023385edb SHA256 6e0bb6fa844f09057f659b471e1100da7dffb029eee079af49e1a21e3f10a2d4 +DIST stegdetect-0.6.tar.gz 1269001 RMD160 7db7310bc37cd6d38c73ca641649bedde305cae4 SHA1 c303bde8afe411d58e57b92af014703dfa04a913 SHA256 71149fc9fc58c44a49a38c7013d22d8a861e45acb1074b6c3004b314c8e81a8d +EBUILD stegdetect-0.6.ebuild 684 RMD160 a0ad891ee5fa7eddaa66249e38d5112240868b6a SHA1 c3f07be36e8b8f861d0d3493f5dc0bea09704769 SHA256 48c0a5c2a82deace9bd6d0e877d56805b6c21a543a43962c1e3b69cf77368cd7 diff --git a/app-forensics/stegdetect/files/stegdetect-0.6.patch b/app-forensics/stegdetect/files/stegdetect-0.6.patch new file mode 100644 index 000000000..e250f9763 --- /dev/null +++ b/app-forensics/stegdetect/files/stegdetect-0.6.patch @@ -0,0 +1,239 @@ +diff -Naur stegdetect-0.6.orig/break_jsteg.c stegdetect-0.6/break_jsteg.c +--- stegdetect-0.6.orig/break_jsteg.c 2004-08-29 23:11:00.000000000 +0000 ++++ stegdetect-0.6/break_jsteg.c 2009-11-13 10:12:16.000000000 +0000 +@@ -42,7 +42,7 @@ + #include + + #include +-#include ++//#include + + #include "config.h" + #include "common.h" +diff -Naur stegdetect-0.6.orig/break_outguess.c stegdetect-0.6/break_outguess.c +--- stegdetect-0.6.orig/break_outguess.c 2004-08-29 23:11:00.000000000 +0000 ++++ stegdetect-0.6/break_outguess.c 2009-11-13 10:12:16.000000000 +0000 +@@ -42,7 +42,7 @@ + #include + + #include +-#include ++//#include + + #include "config.h" + #include "common.h" +diff -Naur stegdetect-0.6.orig/common.c stegdetect-0.6/common.c +--- stegdetect-0.6.orig/common.c 2004-08-29 23:11:00.000000000 +0000 ++++ stegdetect-0.6/common.c 2009-11-13 10:12:16.000000000 +0000 +@@ -38,6 +38,7 @@ + + #include + #include ++#include + + #include "config.h" + #include "jphide_table.h" +@@ -732,6 +733,26 @@ + return (strcasecmp(name + nlen - elen, ext) == 0); + } + ++static magic_t magic_handle; ++ ++int file_init(void) ++{ ++ magic_handle = magic_open(MAGIC_NONE); ++ if (!magic_handle) ++ return -1; ++ return magic_load(magic_handle, "/usr/share/file/magic"); ++} ++ ++int file_process(unsigned char *buf, int n) ++{ ++ const char *format = magic_buffer(magic_handle, buf, n); ++ if (!noprint) ++ fputs(format ? format : "data", stdout); ++ return !!format; ++} ++ ++int noprint = 1; ++ + #define NBUCKETS 64 + + u_char table[256]; +diff -Naur stegdetect-0.6.orig/common.h stegdetect-0.6/common.h +--- stegdetect-0.6.orig/common.h 2004-08-29 23:11:00.000000000 +0000 ++++ stegdetect-0.6/common.h 2009-11-13 10:12:16.000000000 +0000 +@@ -53,6 +53,9 @@ + + char *fgetl(char *, int, FILE *); + int file_hasextension(char *, char *); ++int file_init(void); ++int file_process(unsigned char *, int); ++extern int noprint; + + int is_random(u_char *, int); + +diff -Naur stegdetect-0.6.orig/Makefile.am stegdetect-0.6/Makefile.am +--- stegdetect-0.6.orig/Makefile.am 2004-08-31 14:59:30.000000000 +0000 ++++ stegdetect-0.6/Makefile.am 2009-11-13 10:12:16.000000000 +0000 +@@ -5,10 +5,10 @@ + JPEGLIB = -L$(JPEGDIR) -ljpeg + JPEGDEP = $(JPEGDIR)/libjpeg.a + +-FILEDIR = ./file +-FILEINC = -I$(FILEDIR) +-FILELIB = -L$(FILEDIR) -lfile +-FILEDEP = $(FILEDIR)/libfile.a ++#FILEDIR = ./file ++FILEINC = ++FILELIB = -lmagic ++#FILEDEP = $(FILEDIR)/libfile.a + + GTKINC = @GTKINC@ + GTKLIB = @GTKLIB@ +@@ -17,7 +17,7 @@ + + LIBS = $(JPEGLIB) + +-SUBDIRS = jpeg-6b file ++SUBDIRS = jpeg-6b + + man_MANS = stegdetect.1 stegbreak.1 + +@@ -51,10 +51,10 @@ + stegbreak_DEPENDENCIES = @BFOBJ@ + + stegcompare_SOURCES = $(CSRCS) stegcompare.c +-stegcompare_LDADD = @LIBOBJS@ $(LIBS) ++stegcompare_LDADD = @LIBOBJS@ $(LIBS) ${FILELIB} + + stegdeimage_SOURCES = $(CSRCS) stegdeimage.c +-stegdeimage_LDADD = @LIBOBJS@ $(LIBS) ++stegdeimage_LDADD = @LIBOBJS@ $(LIBS) ${FILELIB} + + xsteg_SOURCES = xsteg.c xsteg.h xsteg_xpm.c + xsteg_LDADD = @LIBOBJS@ $(GTKLIB) $(EVENTLIB) +diff -Naur stegdetect-0.6.orig/rules.ini stegdetect-0.6/rules.ini +--- stegdetect-0.6.orig/rules.ini 1970-01-01 00:00:00.000000000 +0000 ++++ stegdetect-0.6/rules.ini 2009-11-13 10:12:16.000000000 +0000 +@@ -0,0 +1,59 @@ ++# ++# This file was originally part of John the Ripper password cracker, ++# Copyright (c) 1996-98 by Solar Designer ++# ++# Wordlist mode rules ++[List.Rules:Wordlist] ++# Try words as they are ++: ++# Lowercase every pure alphanumeric word ++-c >3!?XlQ ++# Capitalize every pure alphanumeric word ++-c >2(?a!?XcQ ++# Lowercase and pluralize pure alphabetic words ++<*>2!?Alp ++# Lowercase pure alphabetic words and append '1' ++<*>2!?Al$1 ++# Capitalize pure alphabetic words and append '1' ++-c <*>2!?Ac$1 ++# Duplicate reasonably short pure alphabetic words (fred -> fredfred) ++<7>1!?Ald ++# Lowercase and reverse pure alphabetic words ++>3!?AlMrQ ++# Prefix pure alphabetic words with '1' ++>2!?Al^1 ++# Uppercase pure alphanumeric words ++-c >2!?XuQ ++# Lowercase pure alphabetic words and append a digit or simple punctuation ++<*>2!?Al$[2!37954860.?] ++# Words containing punctuation, which is then squeezed out, lowercase ++/?p@?p>3l ++# Words with vowels removed, lowercase ++/?v@?v>3l ++# Words containing whitespace, which is then squeezed out, lowercase ++/?w@?w>3l ++# Capitalize and duplicate short pure alphabetic words (fred -> FredFred) ++-c <7>1!?Acd ++# Capitalize and reverse pure alphabetic words (fred -> derF) ++-c <+>2!?Acr ++# Reverse and capitalize pure alphabetic words (fred -> Derf) ++-c >2!?AMrQc ++# Lowercase and reflect pure alphabetic words (fred -> fredderf) ++<7>1!?AlMrQrf ++# Uppercase the last letter of pure alphabetic words (fred -> freD) ++-c <+>2!?AMrQcr ++# Prefix pure alphabetic words with '2' or '4' ++>2!?Al^[24] ++# Capitalize pure alphabetic words and append a digit or simple punctuation ++-c <*>2!?Ac$[2!3957468.?0] ++# Prefix pure alphabetic words with digits ++>2!?Al^[379568] ++# Capitalize and pluralize pure alphabetic words of reasonable length ++-c <*>2!?Acp ++# Lowercase/capitalize pure alphabetic words of reasonable length and convert: ++# crack -> cracked, crack -> cracking ++<*>2!?Al[PI] ++-c <*>2!?Ac[PI] ++# Try the second half of split passwords ++-s x** ++-s-c x**MlQ +diff -Naur stegdetect-0.6.orig/stegbreak.1 stegdetect-0.6/stegbreak.1 +--- stegdetect-0.6.orig/stegbreak.1 2004-08-29 23:11:00.000000000 +0000 ++++ stegdetect-0.6/stegbreak.1 2009-11-13 10:12:16.000000000 +0000 +@@ -33,7 +33,7 @@ + in the wordlist. The rules follow the same syntax as in Solar + Designers password cracking program John the Ripper. The default + is +-.Pa rules.ini . ++.Pa /usr/share/stegbreak/rules.ini . + .It Fl f Ar wordlist + Specifies the file that contains the words for the dictionary attack. + The default is +@@ -83,10 +83,10 @@ + assuming that information has been embedded with + .Tn jphide . + .Sh FILES +-.Bl -tag -width /usr/local/share/stegbreak/rules.ini -compact ++.Bl -tag -width /usr/share/stegbreak/rules.ini -compact + .It Pa /usr/share/dict/words + default wordfile for the dictionary attack. +-.It Pa /usr/local/share/stegbreak/rules.ini ++.It Pa /usr/share/stegbreak/rules.ini + rules on how to manipulate words for the dictionary attack, from + John the Ripper. + .El +diff -Naur stegdetect-0.6.orig/stegbreak.c stegdetect-0.6/stegbreak.c +--- stegdetect-0.6.orig/stegbreak.c 2004-08-29 23:11:00.000000000 +0000 ++++ stegdetect-0.6/stegbreak.c 2009-11-13 10:12:16.000000000 +0000 +@@ -40,9 +40,10 @@ + #include + #include + #include ++#include + + #include +-#include ++//#include + + #include "config.h" + #include "common.h" +diff -Naur stegdetect-0.6.orig/stegdetect.c stegdetect-0.6/stegdetect.c +--- stegdetect-0.6.orig/stegdetect.c 2004-09-03 04:01:35.000000000 +0000 ++++ stegdetect-0.6/stegdetect.c 2009-11-13 10:12:40.000000000 +0000 +@@ -42,7 +42,7 @@ + #include + + #include +-#include ++//#include + + #include "common.h" + #include "extraction.h" +@@ -78,7 +78,7 @@ + float DCThist[257]; + float scale = 1; /* Sensitivity scaling */ + +-static int debug = 0; ++int debug = 0; + static int quiet = 0; + static int ispositive = 0; /* Current images contain stego */ + static char *transformname; /* Current transform name */ diff --git a/app-forensics/stegdetect/stegdetect-0.6.ebuild b/app-forensics/stegdetect/stegdetect-0.6.ebuild new file mode 100644 index 000000000..9a4723001 --- /dev/null +++ b/app-forensics/stegdetect/stegdetect-0.6.ebuild @@ -0,0 +1,36 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: $ + +EAPI=2 +NEED_AUTOMAKE="1.4" + +inherit autotools eutils + +DESCRIPTION="A Steganography detector for JPEG" +HOMEPAGE="http://www.outguess.org/" +SRC_URI="http://www.outguess.org/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~x86" + +IUSE="X" +RDEPEND="sys-apps/file + dev-libs/glib:1 + X? ( x11-libs/gtk+:1 )" +DEPEND="${RDEPEND}" + +src_compile(){ + epatch ${FILESDIR}/${P}.patch + ./configure + emake || die "make failed" +} + +src_install() { + insinto /usr/share/stegbreak/ + doins rules.ini + dobin stegbreak stegcompare stegdeimage stegdetect + use X && dobin xsteg + doman *.1 +}