Thursday, May 03, 2007

Yes you read it right - No steganography software

So here is a quick howto on doing image steganography with common tools, no specialized software.

1: Compress the file you want to secure( I tried both rar & zip), say secure.zip
2: Take the image file which you want to use, say image.jpg
3: run the following command
copy /b image.jpg + secure.zip hidden.jpg
4: Double click hidden.jpg & you'll see the original image
5: Open the file in archiving utility (I tried winzip & winrar)
6: It will open the content of original secure.zip

Analysis
copy commands copies the content of both the files into a third file
The third file starts with the header of an image & even the extension is of image, so the OS (tried KDE & GNOME in case of Linux) interprets it like an image & shows the image, that too without any distortion or noise in the image.

/b option indicates binary operation & takes care of any possible goofup.

PoC
Image on left is the original image & where as one on the right is with hidden content, try opening it in any archiving software.

0 comments:

Post a Comment