Introduction
,_
,' '\,_ Utku Sen's
|_,-'_) wholeaked
/##c '\ (
' |' -{. ) "When you have eliminated the impossible,
/\__-' \[] whatever remains, however improbable,
/'-_'\ must be the truth" - Sherlock Holmes
' \
wholeaked is a file-sharing tool that allows you to find the responsible person in case of a leakage. It's written in Go.
How?
wholeaked gets the file that will be shared and a list of recipients. It creates a unique signature for each recipient and adds it to the file secretly. After then, it can automatically send files to the corresponding recipients by using Sendgrid, AWS SES or SMTP integrations. Instead of sending them by e-mail, you can also share them manually.
wholeaked works with every file type. However, it has additional features for common file types such as PDF, DOCX, MOV etc.
Sharing Process
+-----------+
|Top Secret |
|.pdf |
| |
-| |
/ | |
/ |Hidden |
[email protected] / |signature1 |
/ +-----------+
/ +-----------+
+-----------++-----------+ / |Top Secret |
|Top Secret ||Recipient | / |.pdf |
|.pdf ||List | +---------+ / | |
| || | |utkusen/ | / [email protected] | |
| ||[email protected] |----->|wholeaked| /----------+ |
| ||[email protected] | | | \ |Hidden |
| ||[email protected] | +---------+ \ |signature2 |
| || | \ +-----------+
+-----------++-----------+ \ +-----------+
\ |Top Secret |
\ |.pdf |
[email protected] \ | |
\ | |
\ | |
\ |Hidden |
-|signature3 |
+-----------+
Validation Part
To find who leaked the document, you just need to provide the leaked file to wholeaked and it will reveal the responsible person by comparing the signatures in the database.
+-----------+ +---------+
|Top Secret | |Signature|
|.pdf | +---------+|Database |
| | |utkusen/ || | Document leaked by
| |->|wholeaked|| |--------+
| | | || | [email protected]
|Hidden | +---------+| |
|Signature2 | | |
+-----------+ +---------+
Demonstration Video
File Types and Detection Modes
wholeaked can add the unique signature to different sections of a file. Available detection modes are given below:
File Hash: SHA256 hash of the file. All file types are supported.
Binary: The signature is directly added to the binary. Almost all filetypes are supported.
Metadata: The signature is added to a metadata section of a file. Supported file types: PDF, DOCX, XLSX, PPTX, MOV, JPG, PNG, GIF, EPS, AI, PSD
Watermark: An invisible signature is inserted to the text. Only PDF files are supported.
Installation
From Binary
You can download the pre-built binaries from the releases page and run. For example:
unzip wholeaked_0.1.0_macOS_amd64.zip
./wholeaked --help
From Source
-
Install Go on your system
-
Run:
go install github.com/utkusen/[email protected]
Installing Dependencies
wholeaked requires exiftool for adding signatures to metadata section of files. If you don't want to use this feature, you don't need to install it.
- Debian-based Linux: Run
apt install exiftool - macOS: Run
brew install exiftool - Windows: Download exiftool from here https://exiftool.org/ and put the
exiftool.exein the same directory with wholeaked.
wholeaked requires pdftotext for verifying watermarks inside PDF files. If you don't want to use this feature, you don't need to install it.
- Download "Xpdf command line tools" for Linux, macOS or Windows from here: https://www.xpdfreader.com/download.html
- Extract the archive and navigate to
bin64folder. - Copy the
pdftotext(orpdftotext.exe) executable to the same folder with wholeaked - For Debian Based Linux: Run
apt install libfontconfigcommand.
Usage
Basic Usage
wholeaked requires a project name -n, path of the base file which the signatures will added -f and a list of target recipients -t
Example command: ./wholeaked -n test_project -f secret.pdf -t targets.txt
The targets.txt file should contain name and the e-mail address in the following format:
Utku Sen,[email protected]
Bill Gates,[email protected]
After execution is completed, the following unique files will be generated:
test_project/files/Utku_Sen/secret.pdf
test_project/files/Bill_Gates/secret.pdf
By default, wholeaked adds signatures to all available places that are defined in the "File Types and Detection Modes" section. If you don't want to use a method, you can define it with a false flag. For example:
./wholeaked -n test_project -f secret.pdf -t targets.txt -binary=false -metadata=false -watermark=false
Sending E-mails
In order to send e-mails, you need to fill some sections in the CONFIG file.
-
If you want to send e-mails via Sendgrid, type your API key to the
SENDGRID_API_KEYsection. -
If you want to send e-mails via AWS SES integration, you need to install
awsclion your machine and add the required AWS key to it. wholeaked will read the key by itself. But you need to fill theAWS_REGIONsection in the config file. -
If you want to send e-mails via a SMTP server, fill the
SMTP_SERVER,SMTP_PORT,SMTP_USERNAME,SMTP_PASSWORDsections.
The other necessary fields to fill:
EMAIL_TEMPLATE_PATHPath of the e-mail's body. You can specify use HTML or text format.EMAIL_CONTENT_TYPECan behtmlortextEMAIL_SUBJECTSubject of the e-mailFROM_NAMEFrom name of the e-mailFROM_EMAILFrom e-mail of the e-mail
To specify the sending method, you can use -sendgrid, -ses or -smtp flags. For example:
./wholeaked -n test_project -f secret.pdf -t targets.txt -sendgrid
Validating a Leaked File
You can use the -validate flag to reveal the owner of a leaked file. wholeaked will compare the signatures detected in the file and the database located in the project folder. Example:
./wholeaked -n test_project -f secret.pdf -validate
Important: You shouldn't delete the project_folder/db.csv file if you want to use the file validation feature. If that file is deleted, wholeaked won't be able to compare the signatures.
Donation
Loved the project? You can buy me a coffee
720 Dec 30, 2022
16 Jun 4, 2022
7.2k Jan 5, 2023
48.6k Jan 9, 2023
5 Aug 25, 2022
6 Apr 30, 2022
21 Dec 1, 2022
0 May 7, 2022
1 Jun 27, 2022
![[BUG] runtime error: invalid memory address or nil pointer dereference](https://avatars.githubusercontent.com/u/25010528?v=4)
13.6k Jan 2, 2023
14 Jul 7, 2022
0 Nov 29, 2021
1 Jan 29, 2022
0 Jun 13, 2022
0 Oct 20, 2021
0 Nov 7, 2021
106 Dec 22, 2022
20 Dec 16, 2022
0 Jan 12, 2022