_                           _    _____                      _ _           ____  _             
      | |                         ( )  / ____|                    (_) |         |  _ \| |            
      | | __ _ _ __ ___   ___  ___|/  | (___   ___  ___ _   _ _ __ _| |_ _   _  | |_) | | ___   __ _ 
  _   | |/ _` | '_ ` _ \ / _ \/ __|    \___ \ / _ \/ __| | | | '__| | __| | | | |  _ <| |/ _ \ / _` |
 | |__| | (_| | | | | | |  __/\__ \    ____) |  __/ (__| |_| | |  | | |_| |_| | | |_) | | (_) | (_| |
  \____/ \__,_|_| |_| |_|\___||___/   |_____/ \___|\___|\__,_|_|  |_|\__|\__, | |____/|_|\___/ \__, |
                                                                          __/ |                 __/ |
                                                                         |___/                 |___/ 
    Home    Twitter: @Xtrato    Email: james[at]jamesdotcom.com    PGP Key    GitHub: Xtrato    Youtube: Xtratozorz    RSS Feed

23rd February 2010 || Steganography

Steganography is the art of hiding information inside something. For example you can hide a string of text inside an Image and it will be very hard to find unless your specifically looking for it. The difference between steganography and cryptography is that in cryptography its obvious you are looking at encrypted data. with steganography at first glance its not very obvious at all.

There are countless amount of tools that you can use but the one I will be using for this first post is called Steghide. I'm going to be using it on Ubuntu. The first thing you want to do is obviously install Steghide.

apt-get install steghide

I then ran the command:

steghide --embed -ef /home/james/Desktop/test.txt -cf /home/james/Pictures/stegbmp.bmp -p pass

This command embeds test.txt inside the stegbmp.bmp image and assigns the password "pass" to access the text file.

You can download both files here (stegempty.bmp and stegfull.bmp. Stegfull.bmp contains the test.txt text file and stegempty.bmp contains nothing.

As you can see both images have kept their original file size of 29.35 kB (30054 bytes). even though a 16 byte text file has been added. This is because it uses a method of storing a file called Least significant bit insertion (LSB). This is where the test.txt file bits are written in a part of the image file where the data is not of any or little importance. Therefore it does not alter the way the image looks. Obviously if I added a large file inside the image it would increase the file size.

To extract the txt file from the image i used the following command:

steghide --extract -sf /home/james/Desktop/stegbmp.bmp -xf yes.txt

This copies the test.txt file that is inside the image and saves it as yes.txt inside the current directory.