AntiCropalypse

March 31st, 2023 Update

As of today, Discord's CDN now strips trailing data from PNGs in-flight, meaning that even old uploads are now safe from the aCropalypse vulnerability. As such, this bot is no longer necessary, but it will remain online to allow users to download their archived images.

Original Article

The aCropalypse vulnerability (CVE-2023-21036 & CVE-2023-28303) has lit the internet ablaze with fear over the mounds of screenshots uploaded to social media websites over the past several years that could potentially contain private information like phone numbers, addresses, and even banking information. While many social media platforms reprocess images after uploading (and thus accidentally mitigate the vulnerability), Discord did not do so until January 2023, leaving potentially millions of vulnerable screenshots on the platform open for anyone to grab.

Enter AntiCropalypse, an open-source Discord bot that mitigates the aCropalypse vulnerability by retroactively deleting vulnerable images. In only a few minutes, server admins can install and set up the bot to have it off on its merry way happily deleting and archiving vulnerable images. Once it's complete, the bot will report on the tally of vulnerable images and give every affected user instructions on how to download their archived (and fixed!) images.


How aCropalypse Works

The aCropalypse vulnerability is a result of how cropped screenshots are saved to a device. The issue was first discovered on Google Pixel devices (CVE-2023-21036) where a regression in Android 10 meant that, when overwriting an existing file (say, the original uncropped screenshot), the original file would not get fully overwritten. This meant that every time you cropped or edited a screenshot on a Google Pixel, it would only partially overwrite the original file, leaving a ton of the original image's data in the final file. This data could then be recovered by a malicious actor, allowing them to access whatever part of the image you tried to crop or edit out: names, phone numbers, addresses, et cetera.

This vulnerability has also been found to affect screenshots taken on the Windows 10+ Snip & Sketch and the Windows 11 Snipping Tool (CVE-2023-28303), although to a much lesser extent. Since the issue arises from saving files, one would need to have snipped and saved a screenshot, then decided they wanted to crop it further and saved it again.

How AntiCropalypse Works

With thanks to retr0id, who wrote an excellent article for developers wanting to learn more about the vulnerability.

To tell if an image is vulnerable, AntiCropalypse starts by parsing the image as any other PNG parser would: iterating through its chunks and stopping once it reaches the file's IEND chunk. Unlike a normal PNG parser, it then checks whether any excess data follows the IEND. If so, it tries to continue parsing and decoding that excess as PNG chunks. If this proceeds without any errors, the bot can safely determine that a recoverable part of another image (the original screenshot) is buried at the end of this image file (the "cropped" screenshot), and it flags the message for archival and deletion.
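The check described above, as an added example in Python that is not the AntiCropalypse project's code: it walks the chunks of a PNG to the first IEND, then searches the leftover bytes for a chunk chain that still parses (length, ASCII type and CRC all valid) through to its own IEND. The sample PNGs, the in-place overwrite helper and the `require_idat` knob (an assumed stand-in for the bot's confidence setting) are constructed here and are not the bot's behaviour; the scan validates chunk structure but does not inflate pixel data.

```python
# Added example (not the AntiCropalypse project's code): a PNG chunk walker that
# classifies a file the way the article describes, plus constructed sample files.
import struct
import zlib

PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"


def make_chunk(ctype: bytes, data: bytes) -> bytes:
    """Serialise one chunk: big-endian length, type, data, CRC32 over type+data."""
    crc = zlib.crc32(ctype + data) & 0xFFFFFFFF
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", crc)


def read_chunk(buf: bytes, off: int):
    """Parse the chunk at `off`; return (type, offset of the next chunk).
    Raises ValueError when the header is truncated, the type is not four ASCII
    letters, the data runs past the buffer, or the CRC does not match."""
    if off + 12 > len(buf):
        raise ValueError("truncated chunk header")
    (length,) = struct.unpack(">I", buf[off:off + 4])
    ctype = buf[off + 4:off + 8]
    if not all(65 <= b <= 90 or 97 <= b <= 122 for b in ctype):
        raise ValueError("chunk type is not four ASCII letters")
    data_end = off + 8 + length
    if data_end + 4 > len(buf):
        raise ValueError("chunk data runs past end of buffer")
    (crc,) = struct.unpack(">I", buf[data_end:data_end + 4])
    if crc != zlib.crc32(buf[off + 4:data_end]) & 0xFFFFFFFF:
        raise ValueError("CRC mismatch")
    return ctype, data_end + 4


def walk_to_iend(buf: bytes, off: int):
    """Parse consecutive chunks from `off` until IEND; return (type names, end offset)."""
    types = []
    while True:
        ctype, off = read_chunk(buf, off)
        types.append(ctype.decode())
        if ctype == b"IEND":
            return types, off


def scan_png(buf: bytes, require_idat: bool = False) -> dict:
    """Step 1: parse like any PNG reader, stopping at the first IEND.
    Step 2: if bytes remain, look for a decodable chunk chain inside them.
    `require_idat` is an assumed stand-in for a confidence setting: when set,
    a bare trailing IEND is not enough to flag the file."""
    if not buf.startswith(PNG_SIGNATURE):
        raise ValueError("not a PNG")
    _, end = walk_to_iend(buf, len(PNG_SIGNATURE))
    trailing = buf[end:]
    result = {"trailing_bytes": len(trailing), "recovered_chunks": [], "vulnerable": False}
    # The leftover data begins wherever the shorter file happened to stop, normally
    # in the middle of an IDAT chunk.  Assumption: slide forward one byte at a time
    # until a CRC-valid chunk boundary appears, then require the chain from there
    # to reach IEND without any parse error.
    for start in range(len(trailing) - 11):
        try:
            types, _ = walk_to_iend(trailing, start)
        except ValueError:
            continue
        result["recovered_chunks"] = types
        result["vulnerable"] = "IDAT" in types if require_idat else True
        break
    return result


def grey_png(width: int, height: int, idat_parts: int = 1, seed: int = 1) -> bytes:
    """Constructed 8-bit greyscale PNG filled with LCG noise (hard to compress,
    so the IDAT payload is large enough to be cut in the middle)."""
    state, rows = seed, bytearray()
    for _ in range(height):
        rows.append(0)                         # filter type 0 for this scanline
        for _ in range(width):
            state = (state * 1103515245 + 12345) & 0x7FFFFFFF
            rows.append((state >> 16) & 0xFF)
    z = zlib.compress(bytes(rows))
    step = -(-len(z) // idat_parts)            # ceil division: split the stream evenly
    idats = b"".join(make_chunk(b"IDAT", z[i:i + step]) for i in range(0, len(z), step))
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 0, 0, 0, 0)  # 8-bit greyscale
    return PNG_SIGNATURE + make_chunk(b"IHDR", ihdr) + idats + make_chunk(b"IEND", b"")


def overwrite_in_place(old: bytes, new: bytes) -> bytes:
    """Imitate the faulty save: `new` is written over `old` without truncating it."""
    return new + old[len(new):]


ORIGINAL = grey_png(64, 64, idat_parts=2)      # constructed "uncropped screenshot"
CROPPED = grey_png(8, 8)                        # constructed "cropped" version
VULNERABLE = overwrite_in_place(ORIGINAL, CROPPED)
CLEAN = CROPPED                                 # a properly truncated save
JUNK_TAIL = CROPPED + bytes(50)                 # trailing bytes that are not PNG chunks
_, _after_ihdr = read_chunk(ORIGINAL, 8)
_, _after_idat1 = read_chunk(ORIGINAL, _after_ihdr)
IEND_ONLY = CROPPED + ORIGINAL[_after_idat1 + 20:]   # leftover starts inside the 2nd IDAT

if __name__ == "__main__":
    for name, data in [("clean", CLEAN), ("vulnerable", VULNERABLE),
                       ("junk tail", JUNK_TAIL), ("iend only", IEND_ONLY)]:
        print(name, scan_png(data), scan_png(data, require_idat=True)["vulnerable"])
```

Running the file prints a verdict for each constructed sample: the clean file reports zero trailing bytes, the overwritten file recovers an `IDAT` followed by `IEND` from its tail, the junk-tail file has leftover bytes but no parseable chain, and the file whose leftover begins inside the last IDAT recovers only `IEND`, which the stricter `require_idat` setting declines to flag.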

The bot performs this check on every attachment and image link in every message in every channel in a server. When it finds a vulnerable image, it safely archives the message and its (fixed!) image attachments to a private cloud server and then deletes the message. Once it's finished scanning the whole server, it reports back to the user who started the scan with the tally of vulnerable messages and then informs every affected user of the vulnerability and how to download their archived images.

Commands

Command                 Description

User Commands

  /download             Fetches a download link for all of your vulnerable images that were deleted
  /forget-me            Removes your archives of deleted images
  /opt-out archiving    Opts out of having your deleted screenshots backed up for you to download
  /opt-out everything   Opts out of having your vulnerable screenshots scanned, deleted, or archived

Admin Commands

  /count                Searches for and counts potentially vulnerable images
  /confidence           Configures how confident the bot should be before deleting an image
  /purge                Searches for and deletes vulnerable images according to the configured confidence

Self-Hosting

AntiCropalypse is open-source and can be self-hosted if you wish to archive images to your own cloud server or omit archiving entirely. See the repository's README for more information on how to run the bot.

Support

If you need help using the bot, feel free to reach out on its Discord.

Otherwise, if this bot has helped you and you'd like to support it, you can help contribute to its server costs by sponsoring me on GitHub ❤️