Steganography - Hiding data in an image
In the past, I always wondered how hackers could deliver messages to each other and the police would not notice. I have the answer.
In this article, I am going to talk about how we can hide data inside an image!
But as usual, I’ll explain what steganography is and which tool we’ll use.
What is Steganography?
Steganography is a technique that uses data manipulation to hide secret data inside an image and encrypt it with a secret passkey. In this process of encryption, we hide files and data inside an image, encrypt the data with a passkey, and then decrypt it with another key on the receiver’s side. The receiver needs the decryption key to view the data.
What is the Steghide Tool
Steghide is a steganography program that is able to hide data in various kinds of image- and audio-files. The color- respectively sample-frequencies are not changed, thus making the embedding resistant against first-order statistical tests.
Well, after you understand what Steganography is briefly and which tool we’re going to use, we can start the scenario.
For example, I downloaded a regular JPEG file from the internet:
Cute picture, ah? 🙂
I want to deliver a message to another guy online that nobody will see.
For the example, I want to “inject” a file that contains the following info:
Well, let’s inject this data into the test picture with the steghide tool.
If it’s your first time using this tool, I recommend reading the “ — help” flag.
steghide version 0.5.1
the first argument must be one of the following:
embed, — embed embed data
extract, — extract extract data
info, — info display information about a cover- or stego-file
info <filename> display information about <filename>
encinfo, — encinfo display a list of supported encryption algorithms
version, — version display version information
license, — license display steghide’s license
help, — help display this usage information
embedding options:
-ef, — embedfile select file to be embedded
-ef <filename> embed the file <filename>
-cf, — coverfile select cover-file
-cf <filename> embed into the file <filename>
-p, — passphrase specify passphrase
-p <passphrase> use <passphrase> to embed data
-sf, — stegofile select stego file
-sf <filename> write result to <filename> instead of cover-file
-e, — encryption select encryption parameters
-e <a>[<m>]|<m>[<a>] specify an encryption algorithm and/or mode
-e none do not encrypt data before embedding
-z, — compress compress data before embedding (default)
-z <l> using level <l> (1 best speed…9 best compression)
-Z, — dontcompress do not compress data before embedding
-K, — nochecksum do not embed crc32 checksum of embedded data
-N, — dontembedname do not embed the name of the original file
-f, — force overwrite existing files
-q, — quiet suppress information messages
-v, — verbose display detailed information
extracting options:
-sf, — stegofile select stego file
-sf <filename> extract data from <filename>
-p, — passphrase specify passphrase
-p <passphrase> use <passphrase> to extract data
-xf, — extractfile select file name for extracted data
-xf <filename> write the extracted data to <filename>
-f, — force overwrite existing files
-q, — quiet suppress information messages
-v, — verbose display detailed information
options for the info command:
-p, — passphrase specify passphrase
-p <passphrase> use <passphrase> to get info about embedded data
To embed emb.txt in cvr.jpg: steghide embed -cf cvr.jpg -ef emb.txt
To extract embedded data from stg.jpg: steghide extract -sf stg.jpg
The flags we’re gonna use for embedding options:
embed = embed data
ef = select file to be embedded
cf = select cover-file
p = specify passphrase
The command that gonna embed the data inside the image:
steghide embed -ef ‘data-file’ -cf ‘picture-name’ -p ‘password’
The flags we’re gonna use for extracting options:
extract = extract data
sf = extract data from <filename>
p = use <passphrase> to extract data
xf = select file name for extracted data
The command that gonna extract the data inside the image:
steghide extract -sf ‘picture-name’ -p ‘password’ -xf ‘file-name-for-extracted-data’
After we extract the data from the image, let’s read the content!
That’s it for this article!