Researchers have again proved why pixelation of images can be a bad idea to hide text. A new tool “Unredacter” has surfaced that can retrieve pixelized text from images with impressive accuracy.
About Unredacter Tool To Read Text From Pixelized Images
Security researcher Dan Petro from Bishop Fox has shared details about the Unredacter tool to redact pixelized text from images.
As elaborated in his post, the idea caught the researcher’s attention after knowing about how Depix works. Depix is another similar tool presented in late 2020 by other researchers, explaining how it could un-redact pixelated text.
While Depix claims to deliver good results, another researcher from Jumpsec mentioned how Depix can fail sometimes in real-world applications. Explaining Depix’s weakness in a post, the researcher stated,
A big caveat to Depix’s use-case is that it relies on the redaction tool operating in a specific way: the text must have been pixelated with a linear box filter, since it processes every block separately. What this means is that the tool takes a quadrant of the pixels and overwrites them based on specific averages of those collected pixels.
The researcher even compared Depix’s unredaction with that of password brute-force to elaborate on how the tool’s algorithm works.
Given this weakness and Jumpsec’s challenge to unredact their given text, Petro decided to give text unredaction from pixelated imaged a try. Hence, he devised “Unredacter” while fixing the issues that appeared when using Depix.
As elaborated in a post, the problems with image pixelization that would fail an unredaction tool include character bleed-over issue, whitespace, variable-width font, font inconsistency, and pixelation offset.
After addressing all these problem areas, Petro tested Unredacter on the given pixelated text from Jumpsec. And expectedly, the tool successfully retrieved the challenge text.
The researcher has shared the tool publicly on GitHub. So now, anyone interested in cracking pixelated text can test the tool.
Let us know your thoughts in the comments.