Literally the term “Steganography” from etymological dictionary means “the art of writing in figures, because the script is still secret and unknown to those who do not have the key”. Typically quansiasi type of encrypted message may be referred steganographic. The oldest steganographic technique dates back a few thousand years ago (the term itself is derived from the ancient greek), was to use common lemon juice instead of ink. Those who received the letter secret was to bring the paper to a source of heat or an open flame. The parties spent with the lemon juice would not be blackened, while the paper is.
In the digital world with steganography could mean any message encrypted with a shared key, but more specifically it refers to text messages hidden within an image. In practice (greatly simplifying the procedure) each pixel which composes the image is composed of a different color, and changing a single bit per pixel content will not be obvious to the human eye changes, while a software encryption, if you set the right key, will be able to extract the message. The most widely used method is the algorithm LSB (Least Significant Bit), that needs to be given in text format to hide and a password to encrypt the message.
The most often used tool to insert or extract the data in an image is Steghide, while the charge extraction via bruteforce attack is Step Break. If we just want to know if it was a hidden message in an image we will use Steg Detect, which however is not able to decrypt the message. In this short tutorial we will show how it is possible “inject” a txt file inside a jpg image, leaving in fact the image visually unchanged.
First you need to have installed “Steghide“, present in the repositories of major distributions, but also easily fillable “a mano”.
For our test we use an image whose color spaces are not too uniform (Type sky, parete bianca o simili). Thank you Tara, the model of exception that lent itself to the experiment.
The text insert is instead taken from the Divine Comedy: “Inferno, Singing 1, Verses 1 – 136”; 136 lines containing any character in the Italian (including accented vowels, apostrophes and quotation marks), that in a txt file can weigh almost 5kb. I called the file “divina.txt”, you can download it below.
Here comes the fun. We include the file within the image with steghide. The command for this is to include the text:
Steghide embed-cf tara_bn.JPG-ef divina.txt
Steghide will ask you to enter a password (I used “ciaociao”). The field can also be left blank, but in this case it will be easier to find out the hidden message. And the result is invisible to the eye:
To extract the data we still use steghide, the reverse is equally simple:
steghide extract-sf tara_bn.JPG-xf estratto.txt
This will create a file named “estratto.txt” that contains the contents of the original file.
Try it yourself to extract the data from the last photo… Also there is a hash bit out of place.
An important function of the command is steghide “info”.
The info command returns one of the most important things that interest us: the maximum amount of data to be hidden in the host file. In our case we can hide 16,2 KB, also entering the password encryption we note that the hosted file weighs 4.9 KB, which was called “divina.txt”, that has been encrypted and compressed.