import os import io import struct import base64 from flask import Flask, request, render_template_string, send_file from PIL import Image from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC from cryptography.hazmat.primitives.ciphers.aead import AESGCM app = Flask(__name__) Image.MAX_IMAGE_PIXELS = None # --- Core Logic (The Vault) --- def derive_key(password, salt): kdf = PBKDF2HMAC( algorithm=hashes.SHA256(), length=32, salt=salt, iterations=100000, ) return kdf.derive(password.encode()) def create_vault(file_bytes, filename, password=None): # Prepare payload: [name_len (1) | name | file_len (4) | file_data] name_enc = filename.encode('utf-8') payload = struct.pack('B', len(name_enc)) + name_enc + struct.pack(' PNG Vault Python

PNG Vault

HIDE FILE
EXTRACT FILE
""" @app.route('/') def index(): return render_template_string(HTML_TEMPLATE) @app.route('/encode', methods=['POST']) def encode_route(): file = request.files['file'] password = request.form.get('password') img_io, name = create_vault(file.read(), file.filename, password) return send_file(img_io, mimetype='image/png', as_attachment=True, download_name=name) @app.route('/decode', methods=['POST']) def decode_route(): file = request.files['file'] password = request.form.get('password') try: file_io, name = extract_vault(file.read(), password) return send_file(file_io, mimetype='application/octet-stream', as_attachment=True, download_name=name) except Exception as e: return f"Error: {str(e)}", 400 if __name__ == '__main__': app.run(debug=True, port=8080)