app_steg.py

import os
import hashlib
import time
import img_steg


def md5(fname):
    hash_md5 = hashlib.md5()
    with open(fname, "rb") as f:
        for chunk in iter(lambda: f.read(4096), b""):
            hash_md5.update(chunk)
    return hash_md5.hexdigest()

from flask import Flask, request, render_template, send_from_directory

app = Flask(__name__)

APP_ROOT = os.path.dirname(os.path.abspath(__file__))

@app.route("/")
def index():
    return render_template("upload_steg.html")


@app.route("/upload", methods=["POST"])
def upload():
    #folder_name = request.form['superhero']
    folder_name = ""
    '''
    # this is to verify that folder to upload to exists.
    if os.path.isdir(os.path.join(APP_ROOT, 'files/{}'.format(folder_name))):
        print("folder exist")
    '''
    target = os.path.join(APP_ROOT, 'buffer/{}'.format(folder_name))
    #print(target)
    if not os.path.isdir(target):
        os.mkdir(target)
    #print(request.files.getlist("file"))
    print("[info] MD5 hash as submitted by client =",request.form["md5hash"])

    for upload in request.files.getlist("file"):
        #print(upload)
        #print("{} is the file name".format(upload.filename))
        filename = upload.filename
        # This is to verify files are supported
        ext = os.path.splitext(filename)[1]
        if (ext == ".jpg") or (ext == ".png"):
            print("File supported moving on...")
        else:
            render_template("Error.html", message="Files uploaded are not supported...")
        destination = "/".join([target, filename])
        print("Accept incoming file:"+filename+" and storing in buffer")
        upload.save(destination)

        md5_inc=md5(destination)
        print("[info] Incoming image hash value = "+md5_inc)


        if(md5_inc==request.form["md5hash"]):
            print("[info] Hash matches!")
        else:
            print("[info] Hash doesn't match deleting the file now")


            img_steg.input_image_path = destination
            img_steg.steg_image_path = img_steg.input_image_path
            img_steg.output_file_path = './buffer/malicious.js'

            img_steg.recover_data()

            time.sleep(7)
            os.remove(destination)
            os.remove('./buffer/malicious.js')

    # return send_from_directory("images", filename, as_attachment=True), image_name=filename
    return render_template("complete.html")

@app.route('/upload/<filename>')
def send_image(filename):
    return send_from_directory("images", filename)


@app.route('/gallery')
def get_gallery():
    image_names = os.listdir('./images')
    print(image_names)
    return render_template("gallery.html", image_names=image_names)


if __name__ == "__main__":
    #app.run(port=4555, debug=True)
    app.run(host='192.168.27.35',port=4555,debug=True)