What is Digg?Sponsored by Dragon Age: Origins
Can't get enough Dragon Age: Origins? Play the flash game. view!
DragonAgeJourneys.com - Play the free companion flash game to Dragon Age: Origins.
46 Comments
- LucidDr34m3r, on 10/12/2007, -0/+12Wow, so I finally signed up for Digg because of this article.
Nothing here is new, although it is a very interesting subject. You are right if you say that your messages aren't exactly "safe"in this format... but stego serves a different purpose than encryption. You encrypt something if you don't want anyone to see it. You apply stego if you dontt want anyone to know it even exists. It is common to encrypt your message before you apply the stego anyhow... so that's really not a point at all. Usually, if the existance of your message has been discovered, that is as big of a blow to you as if they had read the message (if not a bigger one).
The earliest form of stego is when people would shave the heads of slaves and tattoo a message on their head, let it grow back, and then send them off to where they want the message delivered. So keep in mind, the article talks about doing it in BMP and GIF images, you can put stego anywhere. It is merely the study of hiding secrets in plain sight. I have personally applied stego to JPEG images for academic purposes, but let me tell you, it is NOT easy to detect and break, despite what other posters have stated. Using statistical analysis of images, you can sometimes tell when an image has stego, but not always, and you are even less likely to detect it if the author of the message created their own algorithm. Common stego techniques are relatively easy to discover. But think about embedding messages in avi files or mp3 files. You can hide ANY kind of data as stego. I put text in an image that was hiding in an image.
This is very interesting stuff here. Very real. Anyone see Ä Beautiful Mind"? That guy may have been crazy, but that doesn't mean that the messages he was searching for didn't/don't exist. - heavensblade23, on 10/12/2007, -1/+13That software has been out a while now in the computer forensics field.
- inactive, on 10/12/2007, -0/+10Our forensic software rips this stuff right out. The child pornographers do this all the time as do some of the identity fraud people. Not the best way of hiding stuff. Encrypt it good and be done with it.
- echoforever, on 10/12/2007, -0/+8Hiding a file in a jpg file:
1. Gather your image file (say secret.jpg) and the file (say meeting.txt) you wish to lodge into it.
2. Add the file you want to hide into a new RAR archive
3. Open Command Prompt
4. Go to the folder where your files are located.
5. Type 'copy /b secret.jpg + meeting.txt.rar lizard.jpg' where secret.jpg is the original picture, meeting.txt.rar is the file to be hidden, and lizard.jpg is the file which contains both.
6. Test the JPG by opening it, and verifying it still opens. If it does, try opening the file with WinRar!
The completed RAR file!
It was on Digg, some time back. - WaterDragon, on 10/12/2007, -0/+7FTA ..."Like hiding your valuables from burglars in an empty cereal box in your kitchen cabinet,..."
Damn Why did they have to tell everybody about that? - spyrochaete, on 10/12/2007, -0/+6Fun fact:
Steganography means "covered writing". The term dates back to ancient Roman times where the emperor would send secret messages on stone tablets, but would cover the message with wax and carve a decoy message on that. - greevar, on 10/12/2007, -0/+4You can hide files in other files through something built into Windows XP called Alternate Data Streams. These files are attached to any file with no outside indication that it's there. Not even the file size changes when this is implemented. The only way you can find an ADS file is if you know where it is and what it is called. Google it, I find in fascinating.
- LordSnooze, on 10/12/2007, -3/+7security through obscurity
- pathy, on 10/12/2007, -0/+3Pretty good for hiding crappy Python games in images though!
http://img413.imageshack.us/img413/2825/ttoce2.jpg (It's very easy to break, by the way) - Niten, on 10/12/2007, -0/+3http://www.outguess.org/detection.php
- mankyd, on 10/12/2007, -0/+3mozaiq has a simple online tool to do this. It'll even provide the image for you if you want. Just type in a message:
http://mozaiq.org/encrypt/
http://mozaiq.org/decrypt/ - donjaime, on 10/12/2007, -0/+2To clarify, you use the text encodings on the least significant bits that you take out. the hard part is finding where to start.
99% of the time, people use a marker or header to indicate the beginning of data. But even if they don't (and use some pre-arranged setup), it doesn't take long to brute force it, especially if you have a rough idea of where to start from statistical sampling. - LucidDr34m3r, on 10/12/2007, -0/+2I also find ADS fascinating. It is much less of a "hiding"strategy as stego though. I was implemented unofficially with NTFS for compatibility with the Mac HFS. Many virus scanners do not have the ability to look in alternate data streams for viruses. It was a common practice for root kits to hide there as well. This method is only really useful if you want to keep the average Joe from finding your file. Any standard forensics utility will find them in no time flat. You don't use ADS to hide secrets, it's really just a better alternative than checking the "hidden" box under file properties.
- sgraham, on 10/12/2007, -0/+2Wow Avast AV says steghide is a Trojan.. Guess that's one way to look at stenography tools.
- LucidDr34m3r, on 10/12/2007, -0/+2You know, that's only half true... Knowing the location of the ADS is one way, or using a tool that locates an ADS also works. Many forensics tools do this (the ones I am familiar with all do). Alternate Data Streams aren't vulnerabilities in and of themselves! It was actually implemented for compatibility reasons. I hate M$ as much as the next Digger, but I like that these exist. It should just be documented better. Read up here for some more info: http://www.bleepingcomputer.com/tutorials/tutorial25.html Also a Google search returns lots of good pages too: http://www.google.com/search?hl=en&q=alternate+data+stream&btnG=Google+Search
Used for storing meta data... not really a bad thing. You just need to know they exist if you want to set your foot anywhere near the security world. The only threat with ADS is ignorance. - donjaime, on 10/12/2007, -1/+3Its fairly easy to find unencrypted text hidden in an image.
You look at the least significant bits per pixel for high frequency noise (generally colors appear in patches). If you find it you might have a message.
You try standard text encodings like ASCII or UNICODE and look for non gibberish. You repeat this moving to a more significant bit. If you automate this, in no time you can rip out unencrypted text.
It gets harder if you use other types of binaries to hide stuff in. - mahoneyt, on 10/12/2007, -0/+1I want to run my web browser through a proxy that detects this ***** in images... I wonder how many images are actually floating around out there with hidden text files in them. Also, check out steghide... a command-line utility that will automate the process of hiding files within another. http://steghide.sourceforge.net/
- joerite, on 10/12/2007, -0/+1There was a notpr0n level where you had to download a mp3 and rename it as a jpg and it show the password and username.
- OBKenobi, on 10/12/2007, -1/+2[quote]The only way you can find an ADS file is if you know where it is and what it is called.[/quote]
Another great MS security vulnerability. What kind of maniac would want such a "feature" present in an OS by default? - martinlanny, on 10/12/2007, -0/+1Hiding Large Files Inside YouTube Video Files:
http://www.joe0.com/2007/01/05/hiding-large-files-inside-youtube-video-files/ - djfelix, on 10/12/2007, -0/+1Watch "To Catch A Thief" on the Discovery Channel. That guy would find it. Burglars know those tricks. The guy they use on the show dumps out all the boxes and tins in the cabinets in the kitchens. The homeowners are horribly shocked when they get home and see all the stuff he did. He really destroys the houses he "robs" for the show.
The art of stenography is truly fascinating. I look at it as a shell game. It's yet another way to move the pea, but it's only a matter of time until someone finds it. - biter, on 10/12/2007, -0/+1I've been using stego for years with S-Tools. How come it's not mentioned anywhere? It's the easiest tool to use.
- mahoneyt, on 10/12/2007, -0/+1sweeet
- devdavad, on 10/12/2007, -0/+1I've seen two similar tutorials, one said you could do this with .jpg files also. Anyway ZipGenius and 7Zip both won't open the final .gif image with the hidden file. I haven't tried using the program to load it though
- inactive, on 10/12/2007, -0/+1Can someone please explain this to me? Everything I have read about stenography suggests that stenograhpy is weak and can be broken by statistical analysis if the attacker know to look for it. I understand how this is possible if you are encrypting text that doesn't look like random data. However, if you were to take a TrueCrypt container and encrypt that, then the results of the attacker's statistical analysis shouldn't show anything because Truecrypt files look like random data. So if I were to change the least significant bits of a media file with a truecrypt binary, how can this be proven to contain an stenographic image?
- LucidDr34m3r, on 10/12/2007, -0/+1Sure, using the least significant bit is one way of hiding it, but if I choose to only use the least significant bit of only every other byte, or I use a pattern of some sort, it becomes much more complicated. There are different algorithms that hide data differently, not just the method of hiding in the least significant bit, although that is the most common way (the most common way people think about it anyway). Even then, stego detection tools can only make a guess of how probable it is that stego is in the specified file. And to top it off, every stego tool I used automatically encrypted my message! Also, you can store more than just plain text in files. For example, I hid a GIF image in a JPEG, and the GIF had text on it, but it would not be detected as ASCII even if you found the stego. Obviously, looking at the binary, you would see it was a GIF right off the bat, but you can't just assume that the hidden message is text...
You are correct though, hiding files in other binaries is much more interesting, and can be much more difficult to find. Don't go thinking that there's only one way to hide data in an image though... there are hundreds of algorithms. Some are much much better than others. - donjaime, on 10/12/2007, -0/+1You are right that stego tools encrypt the text, but I was simply talking about unencrpyted text.
Using every other pixel, or scrambling which pixels you put contiguous bits into, are both forms of encryption (albeit light encryption). I was simply proposing a method for finding plain, unencrpyted text hidden in an image. - jeromey11, on 10/12/2007, -2/+2since on digg this program has been most used for!!!!!......
hiding porn! - Pokho, on 12/21/2008, -0/+0Aphex Twin also put a picture of his face into one of his tracks..
http://www.kempa.com/2004/05/03/more-musical-stega ... - inactive, on 10/12/2007, -1/+1I remember using a program years ago that would hide files in a photo. I think it was called "CAMOFLAUGE".
- wiifm69, on 10/12/2007, -0/+0check out http://revelation.atspace.biz/ the homepage for Revelation. Revelation can hide data in the LSB's of 24 bit bitmap images.
- precision4u, on 10/12/2007, -0/+0I've actually seen this in action - in a way, except they were trying to filter out the images. Basically trying to corrupt any data that would hidden within a picture before it was sent out of a network. Cool stuff. I also thought I read an FBI article a while back on how they had had someone do a search, albeit a small sample, of images on the net, and found that it was not as rapant as they thought. To me though, this seems ridiculous, as there is no way to be 100% sure the image does or does not have steg in it since who knows what has been developed and is not in the public domain.
- LucidDr34m3r, on 10/12/2007, -0/+0The tools for breaking stego that I have used dont actually say if an image has stego in it or not, but it gives a number that says how likely it is to have stego in it. The type of data you embed in the image doesn't really affect this number... When you look at an image, there are certain things you expect to see. For example, it is likely that you have 2 or more pixels of the exact same color next to each other. There are patterns you see in "normal" images, and while changing the least significant bit of a color in every pixel is invisible to the human eye, the computer can see that the image violates the standard patterns often seen in images. The checkers dont necessarily go looking for ASCII in images, they just look for abnormal pixel combinations. At least... that is my understanding of the subject. My experience in breaking stego is limited to a very small set of tools, and I'm still an undergrad.
The short version: You can't "prove" there's stego until you have extracted the message. - OsiVert, on 10/12/2007, -0/+0Putting stenography to use in music is pretty cool. I tried to find the article that I had read before, but with no luck. Some musicians have secretly put pictures in their audio tracks. I specifically remember Nine Inch Nails putting their logo in one of their songs.
- surfwizz, on 10/12/2007, -2/+1I have made a secret message, encrypted it in rot-26 and hidden it in a bmp file named stego. My password is password. I have sent it to all of my friends. They still haven't gotten it.
- Cerium, on 10/12/2007, -3/+2If you have Mac OS X:
Right click and show contents of one of your applications. Make a new folder and name it like one of the others. Something like "Resources". Put your stuff in here. It is not searched by the OS search tools. You can put anything in there like it was a normal file. - eelman99, on 06/20/2008, -1/+0How to fuse .rar (type of compressed zip file) archives into .png (pictures) and thus hide them. This is useful for transmitting any kind of secret info, but beware, if the authorities get their hands on this file directly, they will probably figure it out.
Summarized into easy steps!
A. First you will need to download WinRAR archiver, search google, its a free program. If you already have this you can skip this step.
B. Now you will learn how to make .rar archives.
B1.Create a folder and name it anything you want.
B2.Fill it with a few secret goodies.
B3.Right click it and a menu will come up with a bunch of things including "add to .rar".
B4.Click that and a compressed file will be created in the same location as your original file. It can take a while.
B5.Ta da! Its done
C. Now you will learn how to make the FUSION program, dont worry, its super easy.
C1.Copy and paste this entire text in between lines (not the lines) and paste it into a blank notepad.
------------------------------------------------------------------------------------------------------------------
REM v 2.0 > bipedal0@gmail.com
@echo off
color 0c
cd C:
if exist FUSION goto FUSIONTRUE
mkdir C:FUSION
:FUSIONTRUE
cd C:FUSION
cls
echo Bipedal's JPG/PNG + RAR Fusion script
echo.
echo.
echo PUT 2 FILES TO BE FUSED IN "C:FUSION"
pause
cls
if exist *.rar goto RAR
cls
echo ERROR: RAR NOT FOUND
pause
exit
:RAR
if exist *.jp*g goto JPG
if exist *.png goto PNG
cls
echo ERROR: IMAGE NOT FOUND
pause
exit
:JPG
copy /b *.jpg + *.rar FUSED.jpg
cls
echo JPG/RAR FUSION COMPLETE
pause
exit
:PNG
copy /b *.png + *.rar FUSED.png
cls
echo PNG/RAR FUSION COMPLETE
pause
exit
------------------------------------------------------------------------------------------------------------------
C2.Click (x) and save your notepad into your main drive (C:) as "fusion.bat", not "*.txt"
C3.Voila, thats the program!
D. Now you will learn how to actually fuse .rar and .png
D1.Create a new folder in the (C:) drive and name it FUSION (capitals)
D2.Place your previously made .rar archive into this folder as well as a .png image of your choice, i prefer kittens :P
D3.Exit the folder and find your "fusion.bat" program, it should be in the same location (C:)
D4.Click it "fusion.bat"
D5.Click on the screen that pops up and press any key
D6.Wait for it, if your .rar was big it can take several minutes
D6.Cest fin! Your new fusion of the two files will look like a picture named FUSED.png (rename it if you want) and will open into a picture if you click on it.
E. Now you will learn how to acces your hidden files
E1.To retrieve your goodies, right click on the FUSED.png and choose "open with" and "choose default program"
E2.A window will open, click the little arrow on the "other programs" button
E3.Uncheck "Always use selected program to open this kind of file" (its at the bottom of the window)
E4.Scroll down in the window and choose "WinRAR archiver"
E5.Click ok.
E6.A new window will open. Click "extract to" and chose where you want to open your secret goodies. An annoying little advertising window might open, just close it and ignore.
or use "copy B source.gif+source.zip target.gif" in the cmd.exe - flipjargendy, on 10/12/2007, -3/+1This has been around for a LONG time. i was doing that about 8 years ago. It's one way hackers can get trojans into your system, it's also one way people who Copyright their images can track them if someone tries to use them on a website.
- Bonekhan, on 10/12/2007, -3/+1I use InvisibleSecrets to encode my passwords into a gif file. xD
- LordSnooze, on 10/12/2007, -6/+2She just needed to obscure herself from the camera!
- digdigger, on 10/12/2007, -6/+2The next thing will be software that detects such messages.
- sushilrajput, on 10/12/2007, -5/+0its good
- martin308, on 10/30/2007, -7/+2some interesting *****
- Ujjay, on 10/12/2007, -6/+0I really hope no one took that comment seriously...
- zenlunatic, on 10/12/2007, -8/+2cdc discussed and implemented this years ago. digg is such noobs.
- Ujjay, on 10/12/2007, -13/+1James Bond coming in 2008...
James Bond stops a secret terrorist plot, by using steganography to foil the terrorists. His gun is replaced by a mouse, his weapons changed to a graphics card. Coming next summer.
The Digg Toolbar for Firefox lets you Digg, submit content, and keep track of Digg even when you're not on the Digg site. Download the official 
© Digg Inc. 2009
— Content created and posted by Digg users is 