Hiding in plain sight is sometimes the best tactic.
For instance, this lovely young lady
Rather unassuming, right? Well, read on and you’ll learn how to extract a hidden message from that picture!
Steganography is “the practice of concealing a file, message, image, or video within another file, message, image, or video.” (Source: Wikipedia) In Linux, the ever-so-handy Steghide allows us to do just that. I know that you and your imagination will come up with all sorts of creative ways to utilize this awesome little program.
Now, if you’re using ParrotSec, you’ll already have steghide installed. Otherwise, it won’t take you much effort at all to snag a copy of your very own.
Scenario A: You have a text file and don’t want anybody to know about it. Embed it into a picture!
Let’s dissect our command:
- `steghide` calls the program
- `embed` states that we are going to insert a file into our image, as opposed to “extract”
- `-cf` specifies that this is our Cover File, dog.jpg
- `-ef` specifies that this is our Embed File, file.txt
Enter and re-enter a password of your choosing, and that’s it. You have now successfully embedded a file into an image. How does it look? Any different? You could take this picture, bury it with thousands of others and know that your data is safe and sound. Just don’t forget where you put the picture. Or the password.
Scenario B: You have a picture, you know there’s something in it, and you want it back!
Now here we have two commands. The first is quite simple:
- `steghide` calls our program
- `extract` states that we want our stuff back
- `-sf` specifies that this is the Stego File, dog.jpg
You will be prompted for the password you created when you embedded the file. Enter that, and your hidden file will be extracted and created in the same directory as the source file.
The second command is `cat`, which is a useful Linux command to display the contents of a file.
Now that this information is fresh in your mind, let’s find out what’s inside the image of the girl at the top of the page. Download (right-click, “Save As”) the image and use steghide to extract the hidden file within. The password is `hunter2`.
To further your knowledge in steghide, let’s go ahead and do the following:
- Enter `man steghide`. This is going to show you the man (manual) page. In fact, most CLI (command line interface) programs have a man page. This is written by the author of the program as the first resource for more information, and a great help in deciding what to Google when you can’t find the answer to your question. Press `q` to leave the man page when you’re done.
- With the man page up, open another terminal to execute commands. Change the encryption algorithm to `rijndael-256`, since the default is `rijndael-128`. What’s the difference between the two?
- Use `--info` on images you’ve embedded files in.
- What kind of file types can you embed into your images?
- What kind of file types can you use as container files?
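
The embed, info and extract steps from Scenarios A and B and the exercises above, scripted as one non-interactive round trip that checks the extracted file against the original. This is an added example, not part of the original post. It assumes a steghide build with encryption support, and the BMP cover, file names and passphrase are constructed sample values. The `-p`, `-sf` (on embed), `-xf` and `-q` options come from the steghide man page rather than from the walkthrough.

```shell
#!/bin/sh
# Added example (not from the original post): scripted steghide round trip.
# File names and the passphrase are constructed sample values.

# Build a constructed cover file: 256x256, 24-bit BMP filled with random pixels.
make_cover() {
    {
        printf 'BM\066\000\003\000\000\000\000\000\066\000\000\000'               # file header: size 196662, pixel offset 54
        printf '\050\000\000\000\000\001\000\000\000\001\000\000\001\000\030\000' # info header: 40 bytes, 256x256, 1 plane, 24 bpp
        printf '\000\000\000\000\000\000\003\000'                                 # uncompressed, 196608 bytes of pixel data
        printf '\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000' # resolution and palette fields left at zero
        head -c 196608 /dev/urandom
    } > "$1"
}

steg_roundtrip() {
    command -v steghide >/dev/null 2>&1 || { echo "steghide is not installed" >&2; return 127; }
    work=$(mktemp -d) || return 1
    pass='constructed-passphrase'   # -p keeps the run non-interactive, but is visible in ps and shell history
    make_cover "$work/dog.bmp"
    printf 'constructed secret for the demo\n' > "$work/file.txt"
    rc=0

    # embed: -cf cover file, -ef embed file, -sf writes a separate stego file so the
    # cover stays untouched, -e picks rijndael-256 over the default rijndael-128
    steghide embed -cf "$work/dog.bmp" -ef "$work/file.txt" -sf "$work/stego.bmp" \
        -e rijndael-256 -p "$pass" -q </dev/null || rc=1

    # info: report what is embedded and how it is encrypted
    [ "$rc" -eq 0 ] && { steghide info "$work/stego.bmp" -p "$pass" </dev/null || true; }

    # extract: -sf stego file, -xf explicit output name instead of the embedded one
    [ "$rc" -eq 0 ] && { steghide extract -sf "$work/stego.bmp" -xf "$work/out.txt" \
        -p "$pass" -q </dev/null || rc=1; }

    # the extracted bytes must be identical to what went in
    [ "$rc" -eq 0 ] && { cmp -s "$work/file.txt" "$work/out.txt" || rc=1; }
    rm -rf "$work"
    return "$rc"
}

steg_roundtrip && echo "round trip OK: extracted file matches the original"
```

For real use, leave out `-p` and let steghide prompt for the passphrase, as the walkthrough does.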