Hiding in plain sight is sometimes the best tactic.

For instance, this lovely young lady

Rather unassuming, right? Well, read on and you’ll learn how to extract a hidden message from that picture!

Steganography is “the practice of concealing a file, message, image, or video within another file, message, image, or video.” (Source: Wikipedia) In Linux, the ever-so-handy Steghide allows us to do just that. I know that you and your imagination will come up with all sorts of creative ways to utilize this awesome little program.

Now, if you’re using ParrotSec, you’ll already have steghide installed. Otherwise, it won’t take you much effort at all to snag a copy of your very own.

Scenario A: You have a text file and don’t want anybody to know about it. Embed it into a picture!

Let’s dissect our command:

1. steghide calls the program
2. embed states that we are going to insert a file into our image, as opposed to “extract”
3. -cf specifies that this is our Cover File, dog.jpg
4. -ef specifies that this is our Embed File, file.txt

Enter and re-enter a password of your choosing, and that’s it. You have now successfully embedded a file into an image. How does it look? Any different? You could take this picture, bury it with thousands of others and know that your data is safe and sound. Just don’t forget where you put the picture. Or the password.
 
 

Scenario B: You have a picture, you know there’s something in it, and you want it back!

Now here we have two commands. The first is quite simple:

1. steghide calls our program
2. extract states that we want our stuff back
3. -sf specifies that this is the Stego File, dog.jpg

You will be prompted for the password you created when you embedded the file. Enter that, and your hidden file will be extracted and created in the same directory as the source file.

The second command is cat, which is a useful Linux command to display the contents of a file.

Now that this information is fresh in your mind, let’s find out what’s inside the image of the girl at the top of the page. Download (right-click, “Save As”) the image and use steghide to extract the hidden file within. The password is hunter2

To further your knowledge in steghide, let’s go ahead and do the following:

1. Enter man steghide
   This is going to show you the man (manual) page. In fact, most CLI (command line interface) programs have a man page. This is written by the author of the program as the first resource for more information, and a great help in deciding what to Google when you can’t find the answer to your question. Press q to leave the man page when you’re done.
2. With the man page up, open another terminal to execute commands. Change the encryption algorithm to rijndael-256, since the default is rijndael-128. What’s the difference between the two?
3. Use --info on images you’ve embedded files in.
4. What kind of file types can you embed into your images?
5. What kind of file types can you use as container files?

Play around for a while! What other commands can you use?

How large of a file can you embed?

How does the resulting file change?