Hi comrades , just take a whole time in long holiday for writing some stuff. Today I want to talk about Steganography. Steganography is art and science of writing hidden messages. Some of media to hide the message is via images , videos or mp3. The word Steganography origin from Greek and means “concealed writing”, steganos is meaning “covered or protected” and graphei is means “writing”. The advantage of steganography over cryptography alone is that messages do not attract attention to themselves. And now lets take a look of stegano tools, there are outguess and steghide ( all of them is opensource )
What is OutGuess ??
OutGuess is a universal steganographic tool that allows the insertion of hidden information into the redundant bits of data sources. The nature of the data source is irrelevant to the core of OutGuess. The program relies on data specific handlers that will extract redundant bits and write them back after modification. In this version the PNM and JPEG image formats are supported. In the next paragraphs, images will be used as concrete example of data objects, though OutGuess can use any kind of data, as long as a handler is provided.
How to install OutGuess ??
With a debian derived linux distro you can get it with :
sudo apt-get install outguess
this is how to hidden message
r3m1ck@ExploitID:~$ outguess -k "yoursmile" -d for_you.txt dina.jpg this_is_dina.jpg Reading dina.jpg.... JPEG compression quality set to 75 Extracting usable bits: 15780 bits Correctable message size: 8466 bits, 53.65% Encoded 'for_you.txt': 1688 bits, 211 bytes Finding best embedding... 0: 864(50.2%)[51.2%], bias 653(0.76), saved: -2, total: 5.48% 19: 862(50.1%)[51.1%], bias 640(0.74), saved: -2, total: 5.46% 29: 845(49.1%)[50.1%], bias 649(0.77), saved: 0, total: 5.35% 48: 832(48.4%)[49.3%], bias 658(0.79), saved: 1, total: 5.27% 135: 812(47.2%)[48.1%], bias 610(0.75), saved: 4, total: 5.15% 193: 765(44.5%)[45.3%], bias 611(0.80), saved: 9, total: 4.85% 193, 1376: Embedding data: 1688 in 15780 Bits embedded: 1720, changed: 765(44.5%)[45.3%], bias: 611, tot: 15748, skip: 14028 Foiling statistics: corrections: 304, failed: 7, offset: 60.702128 +- 172.770215 Total bits changed: 1376 (change 765 + bias 611) Storing bitmap into data... Writing this_is_dina.jpg.... r3m1ck@ExploitID:~$
r3m1ck@ExploitID:~$ outguess -k "yoursmile" -r this_is_dina.jpg the_secret.txt Reading this_is_dina.jpg.... Extracting usable bits: 15780 bits Steg retrieve: seed: 193, len: 211 r3m1ck@ExploitID:~$
What is Steghide ??
Steghide is a steganography program that is able to hide data in various kinds of image- and audio-files. The color- respectivly sample-frequencies are not changed thus making the embedding resistant against statistical tests.
- compression of embedded data
- encryption of embedded data
- embedding of a checksum to verify the integrity of the extracted data
- support for JPEG, BMP, WAV and AU files
The last release of this software it’s 10 years old, so it’s not exactly somethign new, but teh good news is that you should find it in the repositoy of any distribution, so install it with your package manager such as yum, apt or emerge.
How to install Steghide ??
open your terminal and run
sudo apt-get install steghide
This is how to embed hidden message in images
r3m1ck@ExploitID:~$ steghide embed -ef for_you.txt -cf dina.jpg -sf using_steghide.jpg Enter passphrase: Re-Enter passphrase: embedding "for_you.txt" in "dina.jpg"... done writing stego file "using_steghide.jpg"... done r3m1ck@ExploitID:~$
This is how to show info of the images
r3m1ck@ExploitID:~$ steghide info using_steghide.jpg "using_steghide.jpg": format: jpeg capacity: 828,0 Byte Try to get information about embedded data ? (y/n) y Enter passphrase: embedded file "for_you.txt": size: 211,0 Byte encrypted: rijndael-128, cbc compressed: yes r3m1ck@ExploitID:~$
this is how to extract the file inside the image
r3m1ck@ExploitID:~$ steghide extract -sf using_steghide.jpg Enter passphrase: wrote extracted data to "for_you.txt". r3m1ck@ExploitID:~$
See ya , Thankyou !!