Image steganography

"; } //Check that the secret image has been uploaded if(is_uploaded_file($_FILES['secret']['tmp_name'])) { $secret = gen_filename("/home/james/www/images/", file_ext($_FILES['secret']['name'])); move_uploaded_file($_FILES['secret']['tmp_name'], $secret); } else { $error .= "Secret image was not uploaded correctly
"; } //Check that hidbits is valid $hidbits = intval($_POST['hidbits']); if(($hidbits < 1) || ($hidbits > 7)) { $error .= "Hidden bits value was out of range. Should be 1 to 7.
"; } //Generate output path $output_path = gen_filename("/home/james/www/images/", ".png"); $_SESSION['output_path'] = $output_path; //Call hideimage with required stuff if($error != "") break; $ret = shell_exec("/home/james/bin/hideimage ".escapeshellarg($cover)." ".escapeshellarg($secret)." ".escapeshellarg($output_path)." ".escapeshellarg($_POST['hidbits']).$xor); if(!file_exists($output_path)) { echo "

An error occured which meant that the image was not generated.

"; } else { echo "Click image for full-size copy.
"; echo "\"Generated
"; } break; case "unhide": //Check that image was uploaded if(is_uploaded_file($_FILES['image']['tmp_name'])) { $image = gen_filename("/home/james/www/images/", file_ext($_FILES['image']['name'])); move_uploaded_file($_FILES['image']['tmp_name'], $image); } else { $error .= "Image was not uploaded correctly
"; } //Check that hidbits is valid $hidbits = intval($_POST['hidbits']); if(($hidbits < 1) || ($hidbits > 7)) { $error .= "Hidden bits value was out of range. Should be in 1 to 7 inclusive.
"; } //Generate output path $output_path = gen_filename("/home/james/www/images/", ".png"); $_SESSION['output_path'] = $output_path; //Call unhideimage with required stuff if($error != "") break; $ret = shell_exec("/home/james/bin/unhideimage ".escapeshellarg($image)." ".escapeshellarg($output_path)." ".escapeshellarg($_POST['hidbits']).$xor); if(!file_exists($output_path)) { echo "

An error occured which meant that the image was not generated.

"; } else { echo "Click image for full-size copy.
"; echo "\"Generated
"; } break; } } if($error != "") echo "

$error

"; ?> On this page you may upload an image to be hidden inside another image by my hideimage program. Note that if you want to be secure, do not use this page. Your image will be sent in clear through the internet to my server. Anyone in between you and me (including me) can see the image. There is also an extremely small chance that my script can get confused and show somebody else your image. This is so unlikely that it's hardly worth mentioning, I'm just saying that if you want secure, don't use this page.

Update: I now have a self-signed SSL certificate. Visit this page over SSL if you want encryption, but be warned that my certificate is not signed by a root CA (so there is no way to be sure that there is no man-in-the-middle), and that I can still see your images, by necessity, as they are stored temporarily on the server.

The cover image and secret image parameters are self explanatory. Hidden bits is the number of bits to the byte of the secret image to use. The most significant bits will be chosen. The least significant bits of the cover image will be replaced by these. The XOR parameter specifies whether or not the least significant bits of the resulting image should be XOR'd by the most significant bits.

The output image will always be a PNG, and will be deleted at 3am, 6am, 9am, midday, 3pm, 6pm, 9pm, or midnight - whichever comes first. The image should only be accessible by your session, and cookies must be enabled in order for you to get the output.

Hide image:
Cover image:
Secret image:
Hidden bits: XOR last bits of pixel by first ones

To do the example of the tree and the cat from Wikipedia, download the tree image, select it in the file box, select 2 hidden bits, and ensure that XOR is not checked. Then click 'Go!' and you will be presented with the cat.

Unhide image:
Image:
Hidden bits: XOR last bits of pixel by first ones