search

bannsec / stegoVeritas

Yet another Stego Tool
GNU General Public License v2.0
357 stars 38 forks source link

New issue when trying to use stegoVeritas #28

Closed dieao closed 4 years ago

dieao commented 4 years ago

+---------+------------------+---------------------------------------------------------------------------------------------------------------------+---------------+ | 0x1d4f6 | Carved | gzip compressed data, maximum compression, has original file name: "layer2.png", last modified: 2020-06-27 13:44:15 | layer2.png.gz | | 0x1d4f6 | Extracted | gzip compressed data, maximum compression, has original file name: "layer2.png", last modified: 2020-06-27 13:44:15 | layer2.png | | 0x1d539 | Carved | Zlib compressed data, default compression | 1D539.zlib | | 0x1d539 | Extracted | Zlib compressed data, default compression | 1D539 | +---------+------------------+---------------------------------------------------------------------------------------------------------------------+---------------+ Traceback (most recent call last): File "/usr/lib/python3.8/shutil.py", line 788, in move os.rename(src, real_dst) FileNotFoundError: [Errno 2] No such file or directory: '/tmp/tmps1sboa4g/_scanme.extracted/layer2.png.gz' -> '/home/user/results/keepers/layer2.png.gz'

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/usr/local/bin/stegoveritas", line 10, in sys.exit(main()) File "/usr/local/lib/python3.8/dist-packages/stegoveritas/stegoveritas.py", line 257, in main veritas.run() File "/usr/local/lib/python3.8/dist-packages/stegoveritas/stegoveritas.py", line 53, in run module.run() File "/usr/local/lib/python3.8/dist-packages/stegoveritas/modules/init.py", line 31, in run module.run(self) File "/usr/local/lib/python3.8/dist-packages/stegoveritas/modules/multi/analysis/carve.py", line 29, in run multi.veritas.test_output(f.read()) File "/usr/local/lib/python3.8/dist-packages/stegoveritas/stegoveritas.py", line 134, in test_output shutil.move( keeper, keeper_dst ) File "/usr/lib/python3.8/shutil.py", line 802, in move copy_function(src, real_dst) File "/usr/lib/python3.8/shutil.py", line 432, in copy2 copyfile(src, dst, follow_symlinks=follow_symlinks) File "/usr/lib/python3.8/shutil.py", line 261, in copyfile with open(src, 'rb') as fsrc, open(dst, 'wb') as fdst: FileNotFoundError: [Errno 2] No such file or directory: '/tmp/tmps1sboa4g/_scanme.extracted/layer2.png.gz'

dantes-inferno

trying to extract every bit of data from the file attached

bannsec commented 4 years ago

Interesting. Thanks for the report. Looks like binwalk's extraction algorithm will simply call gunzip or similar on the output, which has the affect of removing the original file. That's why this is erroring out.

Will be pushing an update shortly for this.