Hidden in the foliage
Good time of the day Habrozhiteli. In this article I will reinvent the wheel on the topic of - steganography.
Goals that are set
There is an image in jpg format ( avatar.jpeg ) and an encrypted rar archive ( readme.rar ) with password 12345 in which the readme.txt file is located. It is required to glue avatar.jpeg + readme.rar so that the output will be a file, which will be called avatar-join.jpg and open by default as a picture. When you force the opening of this file in the winrar program, you will be prompted to enter a password and get access to the readme.txt file , which will store the information we have hidden.
What we need for this, for experiments, I chose WinHex, took my avatar from a profile and created an encrypted archive with a password of 12345 in which I placed the readme.txt file with certain text.
')
We open our files in WinHex ( avatar.jpeg and readme.rar ) in different tabs, this is what should happen (the screenshots are not complete, but the point is clear):
This is the file avatar.jpeg opened in the HEX editor.
This is respectively the file readme.rar
1. Go to the tab with the open file readme.rar , press ctrl + a ( select all the code), copy the selected code to the clipboard (ctrl + c)
2. Go to the tab with the file avatar.jpeg , press ctrl + end (go to the end of the file avatar.jpeg , the cursor has stopped at D9)
3. Press ctrl + v (paste the previously copied code from the first item from the clipboard)
4. While in the avatar.jpeg tab , press ctrl + s (save the resulting file with the jpg extension to the hard disk)
From all of the above, it becomes clear what we have done, we copied all the bytes from the readme.rar and pasted into avatar.jpeg (such is Hex copy-paste).
As a result, we have a container-picture, which by default will open as a picture, and in cases of forced opening of this container in Winrar, we will be prompted to enter a password, in case of success we will be able to read the encrypted readme.txt file placed in the archive.
We can install such avatar picture on various forums and Internet resources and no one will suspect what this image carries. It will work if the Internet resource does not convert the downloaded image and avatars on the server side. And you can just download this avatar to your server and then simply insert the url.
What to store and what to hide in the above described way is up to you, I just mentioned obvious things.
Everything is much simpler here, we will not need WinHex, the only thing we need is a previously created encrypted archive with our information and a picture / avatar / wallpaper, again at your choice + command line.
The standard copy function, the / B parameter, indicates that the file is binary.
Unlike windows, in linux we will use the cat command, the whole file integration process looks like this:
And this is actually already a finished product, it looks like an ordinary, unspeakable avatar. But if you save it to your computer and open it in winrar, enter the password 12345, you will see a hidden readme.txt file with a hidden message.
Everyone knows everything described above, but most of us prefer to use ready-made products that do the same thing with a few mouse clicks. Everything new is well forgotten old. Good luck!
Goals that are set
There is an image in jpg format ( avatar.jpeg ) and an encrypted rar archive ( readme.rar ) with password 12345 in which the readme.txt file is located. It is required to glue avatar.jpeg + readme.rar so that the output will be a file, which will be called avatar-join.jpg and open by default as a picture. When you force the opening of this file in the winrar program, you will be prompted to enter a password and get access to the readme.txt file , which will store the information we have hidden.
Start
What we need for this, for experiments, I chose WinHex, took my avatar from a profile and created an encrypted archive with a password of 12345 in which I placed the readme.txt file with certain text.
')
We open our files in WinHex ( avatar.jpeg and readme.rar ) in different tabs, this is what should happen (the screenshots are not complete, but the point is clear):
This is the file avatar.jpeg opened in the HEX editor.
This is respectively the file readme.rar
1. Go to the tab with the open file readme.rar , press ctrl + a ( select all the code), copy the selected code to the clipboard (ctrl + c)
2. Go to the tab with the file avatar.jpeg , press ctrl + end (go to the end of the file avatar.jpeg , the cursor has stopped at D9)
3. Press ctrl + v (paste the previously copied code from the first item from the clipboard)
4. While in the avatar.jpeg tab , press ctrl + s (save the resulting file with the jpg extension to the hard disk)
From all of the above, it becomes clear what we have done, we copied all the bytes from the readme.rar and pasted into avatar.jpeg (such is Hex copy-paste).
What happened after gluing:
As a result, we have a container-picture, which by default will open as a picture, and in cases of forced opening of this container in Winrar, we will be prompted to enter a password, in case of success we will be able to read the encrypted readme.txt file placed in the archive.
We can install such avatar picture on various forums and Internet resources and no one will suspect what this image carries. It will work if the Internet resource does not convert the downloaded image and avatars on the server side. And you can just download this avatar to your server and then simply insert the url.
What to store and what to hide in the above described way is up to you, I just mentioned obvious things.
How to do the same thing using the command line
Everything is much simpler here, we will not need WinHex, the only thing we need is a previously created encrypted archive with our information and a picture / avatar / wallpaper, again at your choice + command line.
Windows version
copy /B avatar.jpeg + /B readme.rar avatar-join.jpgThe standard copy function, the / B parameter, indicates that the file is binary.
Linux version
Unlike windows, in linux we will use the cat command, the whole file integration process looks like this:
cat avatar.jpeg readme.rar >> avatar-join.jpgFinished product
And this is actually already a finished product, it looks like an ordinary, unspeakable avatar. But if you save it to your computer and open it in winrar, enter the password 12345, you will see a hidden readme.txt file with a hidden message.
Everyone knows everything described above, but most of us prefer to use ready-made products that do the same thing with a few mouse clicks. Everything new is well forgotten old. Good luck!
Source: https://habr.com/ru/post/128433/
All Articles