Data leaks are a digital nightmare, leaving organizations scrambling to identify the source and contain the damage. Enter wholeaked, a tool that promises to revolutionize leak detection by embedding a traceable signature within sensitive files. But before you jump in, let's explore its capabilities, limitations, and how to use it responsibly.
What is Wholeaked?
Wholeaked is a file-sharing tool written in Go that allows embedding a unique, invisible signature within various file formats. This signature acts as a digital fingerprint, helping identify the source of a leak if the file ends up in the wrong hands.
Benefits:
Enhanced Leak Detection: Identify the source of leaks faster, enabling quicker response and damage mitigation.
Versatility: Supports various file formats (PDFs, images, text documents) and signature embedding methods.
Open-Source: Community-driven development fosters transparency and potential improvements.
Concerns:
Ethical Dilemmas: Tracking individuals raises privacy concerns. Who controls data and how is it used?
Misuse Potential: Can be misused for employee surveillance or targeted harassment.
Technical Limitations: Circumventing the signature is not impossible for determined individuals.
Installation and Usage:
Requirements:
Go programming language installed
exiftool (download for Windows: https://exiftool.org/install.html
Installation:
1. Windows:
Download and place exiftool.exe in the same directory as wholeaked.
Open a command prompt and navigate to the directory.
Run
go install github.com/utkusen/wholeaked@latest
2. Linux/macOS:
Install exiftool using your package manager (e.g., apt install exiftool for Debian-based Linux, brew install exiftool for macOS).
Run below command in terminal
go install github.com/utkusen/wholeaked@latest
pdftotext
wholeaked requires pdftotext for verifying watermarks inside PDF files. If you don't want to use this feature, you don't need to install it.
- Download "Xpdf command line tools" for Linux, macOS or Windows from here: https://www.xpdfreader.com/download.html
- Extract the archive and navigate to bin64 folder.
- Copy the pdftotext (or pdftotext.exe) executable to the same folder with wholeaked
- For Debian Based Linux: Run apt install libfontconfig command.
Usage:
Basic Usage:
wholeaked requires a project name -n, the path of the base file which the signatures will add -f and a list of target recipients -t
Example command: ./wholeaked -n test_project -f secret.pdf -t targets.txt
The targets.txt file should contain name and the e-mail address in the following format:
Utku Sen,utku@utkusen.com
Bill Gates,bill@microsoft.com
After execution is completed, the following unique files will be generated:
test_project/files/Utku_Sen/secret.pdf
test_project/files/Bill_Gates/secret.pdf
By default, wholeaked adds signatures to all available places that are defined in the "File Types and Detection Modes" section. If you don't want to use a method, you can define it with a false flag. For example:
./wholeaked -n test_project -f secret.pdf -t targets.txt -binary=false -metadata=false -watermark=false
Sending E-mails
In order to send e-mails, you need to fill some sections in the CONFIG file.
- If you want to send e-mails via Sendgrid, type your API key to the SENDGRID_API_KEY section.
- If you want to send e-mails via AWS SES integration, you need to install awscli on your machine and add the required AWS key to it. wholeaked will read the key by itself. But you need to fill the AWS_REGION section in the config file.
- If you want to send e-mails via a SMTP server, fill the SMTP_SERVER, SMTP_PORT, SMTP_USERNAME, SMTP_PASSWORD sections.
The other necessary fields to fill:
- EMAIL_TEMPLATE_PATH Path of the e-mail's body. You can specify use HTML or text format.
- EMAIL_CONTENT_TYPE Can be html or text
- EMAIL_SUBJECT Subject of the e-mail
- FROM_NAME From name of the e-mail
- FROM_EMAIL From e-mail of the e-mail
To specify the sending method, you can use -sendgrid, -ses or -smtp flags. For example:
./wholeaked -n test_project -f secret.pdf -t targets.txt -sendgrid
Validating a Leaked File
You can use the -validate flag to reveal the owner of a leaked file. wholeaked will compare the signatures detected in the file and the database located in the project folder. Example:
./wholeaked -n test_project -f secret.pdf -validate
Important: You shouldn't delete the project_folder/db.csv file if you want to use the file validation feature. If that file is deleted, wholeaked won't be able to compare the signatures.
Video Demonstration:
Download:
https://github.com/utkusen/wholeaked
Remember:
Use wholeaked ethically and responsibly.
Consider alternative solutions before resorting to fingerprinting files.
Openly communicate the use of such tools to avoid privacy concerns.
By understanding the capabilities and limitations of wholeaked, you can make informed decisions about its use. Remember, security is important, but so is protecting individual privacy. Let's work together to create a secure digital world without sacrificing fundamental rights.
The Verdict:
Wholeaked is a powerful tool with the potential to be a valuable asset in the fight against data leaks. However, its ethical implications and potential for misuse cannot be ignored. Before embracing wholeaked, organizations and individuals must carefully consider the tool's capabilities, limitations, and the ethical framework within which it will be used.
.png)
%20(20)%20(1).jpeg)
){kind=link}
1 Comments
Copy address
ReplyDelete