
Deciphering the Unseen: The Magic of Steganography Revealed

Abdullah Hamza
Oct 16, 2023


Steganography, often referred to as the art of hidden communication, is a fascinating technique used to conceal one piece of information within another. Imagine the magic of hiding a message within a picture or a piece of music without altering their appearance. Now, how can hackers exploit this enchanting concept for their own purposes?

Well, malicious hackers have been known to use steganography in rather sneaky ways:

  1. Data Sneak-Peek: They hide sensitive information within files like innocent images and then send them out of a compromised network, bypassing security measures.
  2. Stealthy Malware: By tucking malware into harmless-looking files, they can slip past antivirus programs, making detection a tough nut to crack.
  3. Invisible Conversations: They discreetly communicate by embedding secret messages in plain view, dodging security radars.
  4. Malicious Gifts: Steganography helps hackers hide their nasty surprises within files or emails, making it feel like an unwrapped gift until it’s too late.
  5. Vanishing Watermarks: When they’re up to no good, hackers can also use steganography to erase watermarks from copyrighted images, making copyright owners see red.

Steghide

Steghide is a Linux tool that masterfully hides secrets within everyday files. We’ll dive into it and discover how it works.

Installing Steghide on Linux

sudo apt install steghide -y

Sending secret messages

Moving forward, we need an image and a secret message that we can hide inside the image. I already have an image downloaded on my Kali Linux desktop.


Now, let's create a secret message and store it in a text file using the echo command, as shown below:

echo "This is a secret message for all teams in the field" > secret.txt

Embed secret message

Now, we can use the steghide embed command to hide our secret message in the image we downloaded.

steghide embed -ef secret.txt -cf image.jpg

  • steghide is the main command for using the tool.
  • embed indicates that we are embedding data, which in our case is secret.txt.
  • -ef secret.txt specifies the file we want to embed, which in our case is secret.txt.
  • -cf image.jpg specifies the cover file, which in our case is image.jpg. The secret file will be hidden within this cover file.

As soon as the command is executed, steghide asks us to set a passphrase, which it uses to encrypt the secret file before embedding it. We need to remember this passphrase, as we’ll need it to extract the secret file later. (In this case I used an easy passphrase: pasword)

The resulting file image.jpg will appear unchanged to the naked eye, but now it contains our secret message embedded within it.


Extract secret message

To extract the secret message, we can use the steghide extract command as shown below:

steghide extract -sf image.jpg

  • steghide is the main command for using steghide.
  • extract indicates that we want to extract hidden data from a file.
  • -sf image.jpg specifies the source file from which we want to extract the hidden data, which in our case is image.jpg.

To check the message in secret.txt use the cat command as shown below:

cat secret.txt

Mission accomplished!

Hiding malware in the image

So far we have seen how to embed a secret message in an image. Similarly, we can also hide malware in an image. To demonstrate how this works, I have created a simple bat file for Windows.

You can get that from the following github link:


It will just create ten folders named “hello” on your desktop when executed.

Embed Malware

Let’s hide the bat file in an image named baby_tiger.jpg:

steghide embed -ef openme.bat -cf baby_tiger.jpg

This command will hide the “openme.bat” script inside the “baby_tiger.jpg” image. Make sure you have both the script and the image in the same directory where you run this command.


Extract Malware

Get steghide for windows → https://steghide.sourceforge.net/download.php

Let’s transfer the baby_tiger image to our Windows system and extract the bat file there.


To extract the bat file from the image, you can use the following command in Windows cmd:

steghide.exe extract -sf "C:\Users\user\Desktop\baby_tiger.jpg" -xf openme.bat

Execute bat file

To execute the bat file in Windows, just double-click on it or type the filename with its extension in cmd (in this case it’s “openme.bat”).


After executing the bat file, 10 folders named hello are created on the desktop.
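From the defender's side, the embed, extract and execute steps above all leave process command lines behind. The following is an added example, not part of the original walkthrough: it parses steghide command lines, flags script payloads, and correlates an extraction with a later execution on the same host. The event tuples, host names and extension list are constructed assumptions.

```python
import shlex
from pathlib import PureWindowsPath

# Payload types that have no business going into or coming out of an image.
SCRIPT_EXTS = {".bat", ".cmd", ".ps1", ".vbs", ".js", ".exe", ".dll", ".sh"}

# Constructed process-creation events (time, host, command line); not real logs.
EVENTS = [
    ("10:01:07", "WS-042",
     r'steghide.exe extract -sf "C:\Users\user\Desktop\baby_tiger.jpg" -xf openme.bat'),
    ("10:01:31", "WS-042", r"cmd.exe /c openme.bat"),
    ("10:05:12", "WS-017", r"steghide.exe extract -sf holiday.jpg -xf notes.txt"),
    ("10:09:44", "KALI-01", "steghide embed -ef openme.bat -cf baby_tiger.jpg"),
]

def parse_steghide(cmdline):
    """Return (mode, {flag: value}) for a steghide command line, else None."""
    # posix=False keeps Windows backslashes intact; quotes are stripped below.
    argv = [tok.strip('"') for tok in shlex.split(cmdline, posix=False)]
    if len(argv) < 2 or PureWindowsPath(argv[0]).stem.lower() != "steghide":
        return None
    # Pair every "-flag" token with the token that follows it.
    flags = {f: v for f, v in zip(argv[2:], argv[3:]) if f.startswith("-")}
    return argv[1].lower(), flags

def detect(events):
    """Flag script payloads handled by steghide and their later execution."""
    alerts, dropped = [], {}  # dropped: (host, file name) -> extraction time
    for time, host, cmdline in events:
        parsed = parse_steghide(cmdline)
        if parsed:
            mode, flags = parsed
            payload = flags.get("-xf") if mode == "extract" else flags.get("-ef")
            if payload and PureWindowsPath(payload).suffix.lower() in SCRIPT_EXTS:
                alerts.append((time, host, f"steghide {mode} of script payload {payload}"))
                if mode == "extract":
                    dropped[(host, PureWindowsPath(payload).name.lower())] = time
            continue
        # Any other process on the same host that references an extracted file.
        for (h, name), t in dropped.items():
            if h == host and name in cmdline.lower():
                alerts.append((time, host, f"execution of {name} extracted at {t}"))
    return alerts

if __name__ == "__main__":
    for alert in detect(EVENTS):
        print(alert)
```

When extract is run without -xf, steghide writes the payload under the file name stored at embed time, so the command line alone does not reveal it; file-creation events from the steghide process cover that case.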

Keep in mind that using steganography to hide executable scripts in images can raise security and ethical concerns, so please use this knowledge responsibly and only for legal and ethical purposes.

This walkthrough finishes here. Happy hacking!
