Steghide - Hide Data in Images (Steganography)

Steganography is the practice of concealing a file within another. In this tutorial we are going to use a tool that not only buries a file within an image, but also encrypts it in case somebody knows that the transmitted image contains a payload. We are going to embed a text file to pass a message, but one should be able to hide any kind of file.

Whilst this tutorial focuses on Linux (Ubuntu specifically), the software being utilized does have a Windows package that can be downloaded from the developer's website, and all the commands are the same (there is no GUI).

Steps

    Install the steghide application
    sudo apt-get install steghide

    Download a large image. For the purposes of this tutorial, I am going to use the one below.

    You could download it with the following command:
    wget -O /tmp/large-image.jpg https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOR6YfkxTt7Tr0TnDaf0TxVNBFFYbcYVVTBNE4KGrH5nvwnG4qGlZ7njkKAcHvg8zPCGMcy3IaacsHU0pRiokNpGKSLrrmXr2q_Ib9H6UCUvdxD1smepJR1DUaQkwwwwe0_Yh0uPnN2GGI/s1600/large-image.jpg

    Check how much data we can embed into the picture.
    steghide info /tmp/large-image.jpg

    Create a text file that contains the secret message that you wish to pass along. I am going to do this using the following command:
    echo "my secret message" > /tmp/secret-message.txt

    Check how large the secret message is to see if it exceeds the capacity of the image:
    du -b /tmp/secret-message.txt
    The -b means that we output the file's actual size in bytes instead of the size on disk. This is because the minimum file size on disk is likely to be 4 kilobytes, which could lead you to believe the file was too large when it is not.

    Now let's embed an encrypted form of the file into the image. steghide will prompt for a passphrase, which the recipient will need in order to extract the file.
    steghide embed -cf /tmp/large-image.jpg -ef /tmp/secret-message.txt -sf encrypted-message-image.jpg
    If you just want to replace the image, rather than generate a new one with the message, then simply remove the following part:
    -sf encrypted-message-image.jpg
    I don't recommend naming the image "encrypted-message-image.jpg" in real life.
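
The capacity and size checks in the steps above can be scripted. The following is an added example, not part of the original tutorial or of steghide itself; it assumes that `steghide info` prints a `capacity: <number> <unit>` line with the unit Byte, KB, MB or GB, and the function names and sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original tutorial.
# Assumption: `steghide info` prints "capacity: <number> <unit>" with the
# unit Byte, KB, MB or GB in steps of 1024.

# Constructed sample of `steghide info` output (values are made up).
SAMPLE_INFO='"large-image.jpg":
  format: jpeg
  capacity: 3.5 KB'

# Read `steghide info` text on stdin and print the capacity in whole bytes.
# Exit status: 0 on success, 1 if no capacity line, 2 on an unknown unit.
capacity_bytes() {
    awk '
        BEGIN { rc = 1 }
        $1 == "capacity:" {
            mult = 0
            if ($3 == "Byte") mult = 1
            else if ($3 == "KB") mult = 1024
            else if ($3 == "MB") mult = 1024 * 1024
            else if ($3 == "GB") mult = 1024 * 1024 * 1024
            if (mult == 0) { rc = 2; exit }
            printf "%d\n", $2 * mult    # truncate, so we never overestimate
            rc = 0
            exit
        }
        END { exit rc }
    '
}

# Succeed only if file $1 is smaller, in real bytes (what `du -b` reports),
# than capacity $2. steghide also compresses the payload and stores its file
# name and a checksum, so treat a near-limit result as an estimate.
payload_fits() {
    [ -f "$1" ] || return 2
    size=$(($(wc -c < "$1")))
    [ "$size" -lt "$2" ]
}

# Demo on the constructed sample and the tutorial's message text.
cap=$(printf '%s\n' "$SAMPLE_INFO" | capacity_bytes)
msg=$(mktemp)
echo "my secret message" > "$msg"
if payload_fits "$msg" "$cap"; then
    echo "payload fits: capacity is $cap bytes"
else
    echo "payload too large for $cap bytes"
fi
rm -f "$msg"
```

To use it on a real image, feed the text printed by `steghide info /tmp/large-image.jpg` to `capacity_bytes` and pass the result to `payload_fits` along with `/tmp/secret-message.txt`.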

Resulting File

As you can see, the image looks identical to the first.
The key I used on this file is:
demo

Extracting the data

Once you have sent the image to the recipient, they will need to perform the following steps to retrieve the embedded file.

steghide extract -sf /tmp/encrypted-message-image.jpg
# enter the passphrase
cat secret-message.txt
It will extract the file with the same name as the name of the file that was put in.
