Open Source Tool Unredacter restores text that has been pixelated
Unredacter is an open source tool that is designed to restore text that has been pixelated. Sharing screenshots and other images is done with the press of a button on today's devices. Users who want to protect information on these images may use various techniques to do so. One common option when it comes to textual information is to use an image editor to pixelate the data.
The effectiveness of the manipulation of the image depends entirely on the selected algorithm. Tools to unpixel pixelated content in images have been around for some time, and security researchers have pointed out that pixelation is particularly weak when it comes to that.
Unredacter was created by security researcher Dan Petro as a response to a challenge to reveal pixelated text published on the Jumpsec blog. The researcher's tool was successful in de-obfuscating the posted pixelated text.
The open source tool has been published on GitHub. It is not an executable file and requires some manual adjustments for each image with pixelated information to work properly.
First step is to download the project to the local system. The source image needs to be edited so that only the pixelated part remains. Then, it is necessary to change the block size in the code and change the CSS as well to match the source text and to select a character set.
- Crop your image down to just the pixelated area. No borders, no other text. Replace secret.png with that. I recommend doing it in GiMP.
- Make note of the block size. (It's just size of each pixelated block) Replace blockSize in the code with that.
- Get the CSS just right. This is the hardest and most time-consuming part. Try entering it into test.html and view it in Chrome. Tweak it until you can replicate some sample text as exactly as possible. Pay particular attention to the word and letter spacing. If it skews, then it'll all mess up. Also the font-weight, or else things will end up too light or dark. I can't emphasize enough how critical this step is, as the whole thing really depends on being able to correctly replicate the redacted characters.
- Determine what character set you want to try. It's at the top of preload.ts.
- Press the go button and see if it works!
It is quite tedious to get it right, but someone could turn the tool into a full-fledged application to make it more user-friendly and less time consuming.
For users, it is essential that pixelation is not used anymore when it comes to obfuscating parts of text. Common options include deleting the information entirely or painting over the part using a solid color.
Now You: have you pixelated text in the past?
is it safer to cut out the text as opposed to pixelating it? or can that be reconstructed as well?
Cutting out is better
Find out all
Lol how would they reconstruct cut out text? What a ridiculous question.
What about blurred text? I often wonder if I’ve blurred sufficiently text I wish to hide without overlaying it with a one-color shape, or just cutting it out. If you really want to be in the fake information arena — disinformation in fact —, then blur inadequately false information : the other smart guy will lose time to clear the text and discover peanuts! I know, it’s an old well-known process : a supermarket anti-theft guardian (whatever it’s called) told me once that smart kids would pretend to rob some product just to trigger the guardian’s reaction then make a fool out of him given nothing was found given nothing had been robbed. How vicious can you get? LOL. Happy WE to all.
If it uses an algorythem and has poor or no randomization it can be reconstructed. Non of this is new. And by that I mean its decades old.
Blurring is also reversable and blurring unessential text doesn’t substantially slow down the process. Just follow best practices and redact sensitive things by over writing the area with a wide, solid black mark.
Pointless review of complete junkware.
Come on Martin you can do better to fill the content!
Pointless comment too.
Not really, Some Dude, no-one sensible redacts text by pixelation. I can’t even remember when I saw text pixelated.
The point that the attacker needs to know both the original font size and type is not clearly stated in this article in my opinion.
Moreover, the pixelised part must contains only text as the tool works by trials and comparison.
It’s still a potential tool.