From 3c6c08429d49c2ff273e278c4f27f968d308a826 Mon Sep 17 00:00:00 2001 From: Pin Date: Fri, 15 Oct 2021 21:17:47 -0400 Subject: [PATCH] wip --- .gitignore | 1 + cmd/crc.c | 115 ++++++++++++++++++++++++++++++++++----------- include/crc.h | 3 +- include/crc_util.h | 9 +++- src/crc_util.c | 67 +++++--------------------- 5 files changed, 109 insertions(+), 86 deletions(-) diff --git a/.gitignore b/.gitignore index 25b3266..c7a6301 100644 --- a/.gitignore +++ b/.gitignore @@ -3,4 +3,5 @@ *.woo *.wow *.gch +vgcore.* bin/ diff --git a/cmd/crc.c b/cmd/crc.c index 4c40bc4..5fc9efb 100644 --- a/cmd/crc.c +++ b/cmd/crc.c @@ -1,3 +1,4 @@ +#include #include #include #include @@ -66,7 +67,7 @@ void random_data_change(unsigned char *color_data, int width, int length) { int color_range = 3; unsigned char temp_color_data[length]; - memcpy(temp_color_data, color_data, length); + //memcpy(temp_color_data, color_data, length); do { rounds++; @@ -96,6 +97,7 @@ void random_data_change(unsigned char *color_data, int width, int length) { unsigned int temp_crc = crc(full_data, check_data_length); if ((temp_crc >> (8*3)) == 10 ) { printf("Found in %zu rounds!\n", rounds); + memcpy(color_data, temp_color_data, length); searching = 0; } free(check_data_buff); 
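Review bot: With the initial copy commented out in the `@@ -66,7 +67,7 @@` hunk, `temp_color_data` starts with indeterminate contents, and the `memcpy(color_data, temp_color_data, length);` added in the `@@ -96,6 +97,7 @@` hunk then copies all `length` bytes back into the caller's buffer. The loop body lies outside both hunks, so this is safe only if every round fills the whole array before the CRC check; if it touches just a few bytes, uninitialised stack memory ends up in the image data. Restoring `memcpy(temp_color_data, color_data, length);` at the top of each round would keep the scratch copy defined. `temp_color_data[length]` is also a variable-length array sized by the decompressed image length, so a large input can exhaust the stack; a `malloc(length)` with a NULL check bounds that.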
@@ -104,8 +106,59 @@ void random_data_change(unsigned char *color_data, int width, int length) { } while(searching == 1); } -int change_idat_content(unsigned char *addr, unsigned char *message, int accuracy, unsigned long offset) { - //printf("Starting IDAT Tranform\n"); +void build_png_file(struct PNG_FILE_STRUCT *png_file) { + FILE *fp; + + fp = fopen("TESTPNG.png", "w"); + + union{ + unsigned char data[sizeof(struct PNG_START_FILE_STRUCT)]; + struct PNG_START_FILE_STRUCT png_data; + }start_data; + + start_data.png_data = png_file->png_start_data; + + // IHDR Data + for(int i = 0; i < sizeof(struct PNG_START_FILE_STRUCT); i++) { + fputc(start_data.data[i], fp); + } + // IDAT Data + for(int i = 0; i < 4; i++) { + fputc(png_file->png_idat_data.idat_length[i], fp); + } + for(int i = 0; i < 4; i++) { + fputc(png_file->png_idat_data.idat_header[i], fp); + } + for(int i = 0; i < be32toh(png_file->png_idat_data.idat_data_length); i++) { + fputc(png_file->png_idat_data.idat_data[i], fp); + } + // Generating CRC + unsigned char full_data[be32toh(png_file->png_idat_data.idat_data_length)+4]; + for(int i = 0; i < 4; i++) { + full_data[i] = png_file->png_idat_data.idat_header[i]; + } + for(int i = 0; i < be32toh(png_file->png_idat_data.idat_data_length); i++) { + full_data[i+4] = png_file->png_idat_data.idat_data[i]; + } + + unsigned int int_crc = crc(full_data, be32toh(png_file->png_idat_data.idat_data_length)); + unsigned char new_crc[4]; + + for(int i = 0; i < 4; i++) { + new_crc[i] = int_crc >> (8*(3-i)) & 0xFF; + fputc(new_crc[i], fp); + } + + // IEND Data + unsigned char IEND_DATA[12] = { 0x00, 0x00, 0x00, 0x00, 0x49, 0x45, 0x4E, 0x44, 0xAE, 0x42, 0x60, 0x82}; + for(int i = 0; i < 12; i++) { + fputc(IEND_DATA[i], fp); + } + + fclose(fp); +} + +int change_idat_content(unsigned char *addr, struct PNG_FILE_STRUCT *png_file, unsigned char *message, int accuracy, unsigned long offset) { if(accuracy > 4) { printf("Warning, accuracy cannot be larger than 4"); return 
EXIT_FAILURE; @@ -113,7 +166,7 @@ int change_idat_content(unsigned char *addr, unsigned char *message, int accurac if(accuracy > 2) { printf("Notice, this could take a long time..."); } - if(total_idat(addr) < strlen(message)) { + if(total_idat(addr) < strlen((char*)message)) { printf("Warning, message exceeds IDAT amount"); return EXIT_FAILURE; } @@ -121,7 +174,6 @@ int change_idat_content(unsigned char *addr, unsigned char *message, int accurac int idat_length = check_header_length(addr, offset); printf("IDAT Length: %d\n", idat_length); - int prop_found = 0; long size = 1; size_t idat_byte_length = 0; unsigned char* idat_data = calloc(size, sizeof(unsigned char)); 
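Review bot: In the new `build_png_file`, the result of `fopen("TESTPNG.png", "w")` is passed to `fputc` without a NULL check, and the stack array `full_data` is sized by `be32toh(idat_data_length) + 4`, a 32-bit value that originates in the input file. A large length exhausts the stack, and a length that disagrees with the `idat_data` allocation makes both copy loops read past that buffer. The `crc(...)` call is also given the data length alone although `full_data` holds the 4-byte chunk type plus the data, so the last four data bytes appear to be left out of the checksum (assuming the second argument is a byte count; confirm that its type can hold the value). Opening with `"wb"` avoids newline translation on platforms that distinguish text mode. The sketch below reads the length once, keeps the CRC buffer on the heap and covers type plus data.

```c
void build_png_file(struct PNG_FILE_STRUCT *png_file) {
    FILE *fp = fopen("TESTPNG.png", "wb");
    if (fp == NULL) {
        perror("TESTPNG.png");
        return;
    }
    uint32_t data_len = be32toh(png_file->png_idat_data.idat_data_length);

    // … unchanged: IHDR, IDAT length/type/data output, loops bounded by data_len …

    // CRC input is chunk type + chunk data
    size_t crc_len = (size_t)data_len + 4;
    unsigned char *full_data = malloc(crc_len);
    if (full_data == NULL) {
        fclose(fp);
        return;
    }
    memcpy(full_data, png_file->png_idat_data.idat_header, 4);
    memcpy(full_data + 4, png_file->png_idat_data.idat_data, data_len);
    unsigned int int_crc = crc(full_data, crc_len);
    free(full_data);

    // … unchanged: CRC bytes, IEND, fclose …
```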
@@ -134,29 +186,37 @@ int change_idat_content(unsigned char *addr, unsigned char *message, int accurac idat_byte_length = i; } unsigned char temp_idat_data[idat_byte_length]; - while(prop_found == 0) { - for(int i = 0; i <= idat_length; i++) { - temp_idat_data[i] = idat_data[i]; - } - // Decompressing Data - unsigned char *uncom_data_buff = NULL; - size_t uncom_data_size = 0; - zlib_decompress_data(temp_idat_data, idat_byte_length, &uncom_data_buff, &uncom_data_size); + for(int i = 0; i <= idat_length; i++) { + temp_idat_data[i] = idat_data[i]; + } + // Decompressing Data + unsigned char *uncom_data_buff = NULL; + size_t uncom_data_size = 0; + zlib_decompress_data(temp_idat_data, idat_byte_length, &uncom_data_buff, &uncom_data_size); - random_data_change(uncom_data_buff, 16, uncom_data_size); + random_data_change(uncom_data_buff, 16, uncom_data_size); + + // Compress Data + unsigned char *com_data_buff; + size_t com_data_size = 0; + zlib_compress_data(uncom_data_buff, uncom_data_size, &com_data_buff, &com_data_size); - free(uncom_data_buff); + png_file->png_idat_data.idat_data = calloc(com_data_size, sizeof(unsigned char)); - //printf("Found %d in %d rounds\n", checked_crc ,rounds); - //printf("Full CRC: %08X\n", crcnum); - //printf("Original: %02X\n", idat_data[j]); - //printf("Change offset: %d to hex: %02X\n", j, temp_idat_data[j]); - //addr[offset+8+j] = temp_idat_data[j]; - //update_file_crc(addr, offset, crcnum); - prop_found = 1; + // TEMP FIX FOR IDAT SIZE ISSUES + png_file->png_idat_data.idat_length[3] = (unsigned char)com_data_size; + + for(size_t i = 0; i < com_data_size; i++) { + png_file->png_idat_data.idat_data[i] = com_data_buff[i]; } + // Build PNG File + build_png_file(png_file); + + free(uncom_data_buff); + free(com_data_buff); free(idat_data); + free(png_file->png_idat_data.idat_data); return 0; } 
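Review bot: The "TEMP FIX" line `png_file->png_idat_data.idat_length[3] = (unsigned char)com_data_size;` stores only the low byte of the new length. Once the compressed size exceeds 255, or the original chunk length had non-zero upper bytes, `be32toh(idat_data_length)` in `build_png_file` no longer matches the `calloc(com_data_size, ...)` allocation and that function reads outside `idat_data`. Writing all four bytes, for example `png_file->png_idat_data.idat_data_length = htobe32((uint32_t)com_data_size);` after checking that the size fits in 32 bits, keeps field and buffer in step. `com_data_buff` is declared without an initialiser, and neither `zlib_*` call nor `calloc` is checked, so a failure leads to use of a NULL or indeterminate pointer; initialise it to `NULL` and return early on error. After `free(png_file->png_idat_data.idat_data);` the caller's struct still holds the stale pointer, so set it to `NULL`; the function begins outside this hunk.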
@@ -166,8 +226,7 @@ int main() { FILE *fp; size_t i = 0; unsigned long offset = 0; - struct PNG_START_FILE_STRUCT png_start_file_data; - struct PNG_IDAT_FILE_STRUCT png_idat_file_data; + struct PNG_FILE_STRUCT png_file_data; unsigned char *message = malloc(sizeof(char)); message[0] = '\0'; @@ -185,15 +244,15 @@ int main() { unsigned char *file_data = file_to_char_array(fp, &i); fclose(fp); - populate_start_png(file_data, &png_start_file_data); + populate_start_png(file_data, &png_file_data.png_start_data); offset = first_idat(file_data); printf("Off: %ld\n", offset); - populate_idat_png(file_data, &png_idat_file_data, offset); + populate_idat_png(file_data, &png_file_data.png_idat_data, offset); + + change_idat_content(file_data, &png_file_data, message, 1, offset); - change_idat_content(file_data, message, 1, offset); free(file_data); free(message); - //create_cc_file(file_data, i); } diff --git a/include/crc.h b/include/crc.h index acaba82..64ef786 100644 --- a/include/crc.h +++ b/include/crc.h @@ -3,4 +3,5 @@ int check_file_header(char *addr); int check_header_length(unsigned char *addr, long offset); unsigned long first_idat(unsigned char *addr); int total_idat(unsigned char *addr); -int change_idat_content(unsigned char *addr, unsigned char *message, int accuracy, unsigned long offset); +void build_png_file(struct PNG_FILE_STRUCT *png_file);;; +int change_idat_content(unsigned char *addr, struct PNG_FILE_STRUCT *png_file, unsigned char *message, int accuracy, unsigned long offset); diff --git a/include/crc_util.h b/include/crc_util.h index f83a534..be0a513 100644 --- a/include/crc_util.h +++ b/include/crc_util.h @@ -1,4 +1,5 @@ #include +#include // PNG File Struct struct PNG_START_FILE_STRUCT { 
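Review bot: In the `@@ -185,15 +244,15 @@` hunk the result of `change_idat_content(file_data, &png_file_data, message, 1, offset);` is discarded, so the `EXIT_FAILURE` paths in that function still end the program with a success status. Capturing it as `int rc = change_idat_content(...);` and ending `main` with `return rc;` after the two `free` calls makes the failure visible to callers and scripts. `png_file_data` is also passed around uninitialised; `struct PNG_FILE_STRUCT png_file_data = {0};` in the `@@ -166,8 +226,7 @@` hunk would give `idat_data` and `idat_crc` defined values before any parser fills them. `main` starts and ends outside these hunks.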
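Review bot: The added prototype in `include/crc.h` ends in `;;;`, and the two extra semicolons are stray empty declarations that pedantic C11 builds warn about; it should read `void build_png_file(struct PNG_FILE_STRUCT *png_file);`. Both new prototypes name `struct PNG_FILE_STRUCT`, so unless `crc_util.h` is included before this header (the top of the file is outside the hunk), the tag is declared only inside the parameter list and will not match the real type. Adding `#include "crc_util.h"` or a forward declaration `struct PNG_FILE_STRUCT;` above them would avoid that.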
@@ -16,14 +17,18 @@ struct PNG_START_FILE_STRUCT { }; struct PNG_IDAT_FILE_STRUCT { - unsigned char idat_length[4]; + union{ + unsigned char idat_length[4]; + uint32_t idat_data_length; + }; unsigned char idat_header[4]; unsigned char idat_crc[4]; - unsigned char idat_data[]; + unsigned char *idat_data; }; struct PNG_FILE_STRUCT { struct PNG_START_FILE_STRUCT png_start_data; + struct PNG_IDAT_FILE_STRUCT png_idat_data; }; extern const long png_signature[8]; diff --git a/src/crc_util.c b/src/crc_util.c index 271cbed..2b99d11 100644 --- a/src/crc_util.c +++ b/src/crc_util.c 
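Review bot: The new anonymous union in `struct PNG_IDAT_FILE_STRUCT` gives `idat_data_length` the raw on-disk byte order, which nothing in the header states. A comment such as `/* big-endian as stored in the file; read with be32toh(), write with htobe32() */` on that member would stop a later caller from using it as a host integer when sizing a buffer. Changing `idat_data` from a flexible array member to a pointer also shifts ownership to whoever allocates it, so a second comment saying who allocates and frees it, and that it is not valid until then, would help.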
@@ -37,65 +37,22 @@ void populate_idat_png(unsigned char *addr, struct PNG_IDAT_FILE_STRUCT *png_dat cur_idat_length += (png_data->idat_length[i] << (24-(8*i))); } - printf("\n%ld\n", cur_idat_length); + for(int i = 0; i < 4; i++){ + png_data->idat_header[i] = addr[i+offset+4]; + } } void populate_start_png(unsigned char *addr, struct PNG_START_FILE_STRUCT *png_data) { - for(int i = 0; i < 8; i++) { - png_data->file_sig[i] = addr[i]; - printf("%02X ", png_data->file_sig[i]); + union{ + unsigned char *data; + struct PNG_START_FILE_STRUCT *png_data; + }png; + + png.png_data = png_data; + + for(int i = 0; i < sizeof(struct PNG_START_FILE_STRUCT); i++) { + png.data[i] = addr[i]; } - printf("\n"); - for(int i = 0; i < 4; i++) { - png_data->ihdr_length[i] = addr[i+8]; - printf("%02X ", png_data->ihdr_length[i]); - } - printf("\n"); - for(int i = 0; i < 4; i++) { - png_data->ihdr_header[i] = addr[i+12]; - printf("%02X ", png_data->ihdr_header[i]); - } - printf("\n"); - for(int i = 0; i < 4; i++) { - png_data->file_width[i] = addr[i+16]; - printf("%02X ", png_data->file_width[i]); - } - printf("\n"); - for(int i = 0; i < 4; i++) { - png_data->file_height[i] = addr[i+20]; - printf("%02X ", png_data->file_height[i]); - } - printf("\n"); - for(int i = 0; i < 1; i++) { - png_data->bit_depth[i] = addr[i+24]; - printf("%02X ", png_data->bit_depth[i]); - } - printf("\n"); - for(int i = 0; i < 1; i++) { - png_data->color_type[i] = addr[i+25]; - printf("%02X ", png_data->color_type[i]); - } - printf("\n"); - for(int i = 0; i < 1; i++) { - png_data->compression_method[i] = addr[i+26]; - printf("%02X ", png_data->compression_method[i]); - } - printf("\n"); - for(int i = 0; i < 1; i++) { - png_data->filter_method[i] = addr[i+27]; - printf("%02X ", png_data->filter_method[i]); - } - printf("\n"); - for(int i = 0; i < 1; i++) { - png_data->interlace_method[i] = addr[i+28]; - printf("%02X ", png_data->interlace_method[i]); - } - printf("\n"); - for(int i = 0; i < 4; i++) { - 
png_data->ihdr_crc[i] = addr[i+29]; - printf("%02X ", png_data->ihdr_crc[i]); - } - printf("\n"); } int create_cc_file(unsigned char *addr, unsigned long file_length) {
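Review bot: The rewritten `populate_start_png` copies `sizeof(struct PNG_START_FILE_STRUCT)` bytes from `addr` without knowing how long the file buffer is, so a truncated or empty input is read past its end; the bytes added to `populate_idat_png` at `addr[i+offset+4]` have the same gap. Neither function receives the length that `file_to_char_array` reports to `main`, so the check has to be made by the caller or the length added as a parameter, for example `if (file_len < sizeof *png_data) return;`. The pointer union is not needed for the copy; `memcpy(png_data, addr, sizeof *png_data);` does the same without type punning and removes the `int` versus `size_t` comparison in the loop. The byte-wise copy is correct only while every member of the struct is an `unsigned char` array with no padding, which is worth stating in a comment beside the struct.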