Steghide, Hiding your secret

Hi Guys,

It is been one or two weeks that I am not writting to my blog. There are too many ideas in my head to be written here but it is kinda overflow then none of them finally get written here.

Lets start with something simple that is Steghide. In some CTF I found this tools is used to hide some configuration

Steghide is available by default in kali linux so you do not need to install it manually. Here are some features of steghide

  1. Compression of embedded data
  2. BMP, GIF and JPG supported
  3. Encryption of embedded data
  4. Decryption via poassword
  5. Uses various algorithm for ecnryption

Lets start hiding. It is very simple to hide our data into an image using steghide

root@netdragon:~/tutorial/steghide# steghide embed -ef rio-secret.txt -cf image2.jpeg 
Enter passphrase: [PUT_YOUR_PASSWORD_HERE]
Re-Enter passphrase: [PUT_YOUR_PASSWORD_HERE] 
embedding "rio-secret.txt" in "image2.jpeg"... done

To extract the secret file from the image

root@netdragon:~/tutorial/steghide# steghide extract -sf image2.jpeg 
Enter passphrase: 
wrote extracted data to "rio-secret.txt".

Easy right?

You can also query what file that is being hidden to the image with below command

root@netdragon:~/tutorial/steghide# steghide info image2.jpeg 
  format: jpeg
  capacity: 300.0 Byte
Try to get information about embedded data ? (y/n) y
Enter passphrase: 
  embedded file "rio-secret.txt":
    size: 11.0 Byte
    encrypted: rijndael-128, cbc
    compressed: yes

In the next post I will tell how to crack this phasprase

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s