Thursday, July 12, 2012

Some Things Are Just Kewl: Steganography

Steganography is hiding information inside of another file, usually an image, but it could be anything from MP3s to PDFs. There are many tools freely available for this purpose. There are many purposes for using stego, legitimate or not. While this is something really kewl, it can be dangerous as well. All kinds of things can be hidden in an image: text, other files, scripts, etc. The secret behind most forms of stego is file headers. Beyond that, stego can be encrypted and password protected to keep prying eyes at bay. I'm going to show you a really simple (and unencrypted for legal reasons) way of hiding an executable jar file in an image. The kewl thing is that it can be run by any JRE and opened in WinRAR.

Simple Windows Stego Example

Stego can be performed straight from the command line in Windows. It's kind of like using data streams to hide data, but that's another topic. To hide an executable jar file (or other compressed file) in a gif, open a DOS box in a directory where both files are present, and use the command "copy /B my_gif+stuff.jar combined_file.gif". Make sure your gif is large enough to mask the added data. The file can be viewed in an image viewer like any other image file. Set execute permissions and open it with any Java JRE, and the executable jar will run. You can also use WinRAR to open the compressed file and view its contents.

A Working Example

Download the file below and open it in an image viewer. You can go into file properties and make it executable, and run it from a Java JRE (or java -jar gnome.gif from the same directory). This file can be extracted with the unzip utility (unzip gnome.gif).

Linux Example

You can do this in Linux as well. Open a terminal in a directory containing a jar and gif file, and issue the command "cat my_jar >> my_gif.gif" and the newly created gif will contain the information. Here is a YouTube video I put together: http://youtu.be/c4twCZyyRyw
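Files built with either the copy /B or the cat command above keep the archive after the GIF's own end-of-image marker, which is what a scanner can look for. The following is an added example, not part of the original post: it walks the GIF block structure to the trailer byte and reports whether the leftover bytes parse as a ZIP/JAR archive (the function names and the sample data are constructed for illustration).

```python
import io
import zipfile

def _skip_sub_blocks(data, pos):
    """Advance past a chain of GIF sub-blocks (length byte + payload; 0 ends it)."""
    while data[pos] != 0:
        pos += 1 + data[pos]
    return pos + 1

def gif_end_offset(data):
    """Return the offset just past the GIF trailer (0x3B), walking each block."""
    if data[:6] not in (b"GIF87a", b"GIF89a"):
        raise ValueError("not a GIF")
    packed = data[10]
    pos = 13                                   # header + logical screen descriptor
    if packed & 0x80:                          # global color table present
        pos += 3 * (2 << (packed & 0x07))
    while True:
        block = data[pos]
        if block == 0x3B:                      # trailer: the image ends here
            return pos + 1
        if block == 0x21:                      # extension: introducer, label, sub-blocks
            pos = _skip_sub_blocks(data, pos + 2)
        elif block == 0x2C:                    # image descriptor (10 bytes)
            local = data[pos + 9]
            pos += 10
            if local & 0x80:                   # local color table present
                pos += 3 * (2 << (local & 0x07))
            pos = _skip_sub_blocks(data, pos + 1)   # +1 skips LZW min code size
        else:
            raise ValueError("unexpected block 0x%02x at offset %d" % (block, pos))

def inspect_gif(data):
    """Count bytes after the trailer and list archive members if they form a ZIP."""
    trailing = data[gif_end_offset(data):]
    members = []
    if trailing and zipfile.is_zipfile(io.BytesIO(trailing)):
        members = zipfile.ZipFile(io.BytesIO(trailing)).namelist()
    return {"trailing_bytes": len(trailing), "zip_members": members}

# Constructed sample data: a 1x1 GIF and an in-memory archive standing in for a jar.
TINY_GIF = bytes.fromhex(
    "47494638396101000100800000ffffff0000002c00000000010001000002024401003b")

def make_sample_jar():
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
    return buf.getvalue()

if __name__ == "__main__":
    print(inspect_gif(TINY_GIF))                      # clean image
    print(inspect_gif(TINY_GIF + make_sample_jar()))  # image with appended archive
```

Any nonzero trailing byte count on a GIF is worth a second look, even when the bytes are not a recognizable archive.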

A Warning About Downloading Stego Software

Stego software with encryption ability is illegal to download from some countries. Their laws do not permit the exportation of software containing strong encryption. You have been warned.

Stego has many uses including copyright protection, storage of sensitive information, transmission of sensitive data over public networks, and even executing programs. Many people either don't know about, or underestimate the power of hidden data. Sometimes things aren't always as they appear.
