Hey Guys, Back again with another blog, we are going to take a quick tour on steg tools and Countermeasures.
What is Steganography?
It is a technique of hiding a secret message within an ordinary message by encrypting and decrypting at the receiver end to maintain confidentiality of data.
Utilizing of Images, Videos, Audio, Document files as a cover to hide the Sensitive information to conceal data in files. Mostly Utilizing of graphic image as a cover is the most popular technique.
IMAGE STEGANOGRAPHY- It is nothing but hiding of information in image files of different formats like .jpg, .png, .bmp. [TOOL – OPEN STEGO, STEGO STICK, HIDE in PICTURE]
DOCUMENT STEGANOGRAPHY – Secret way of hiding secret messages in the form of documents by addition of white spaces and tabs at the end of lines. [TOOL – STEGO STICK, SNOW, STEGJ]
VIDEO STEGANOGRAPHY – It referes to hiding of sensitive information in to a carrier video file formats such as .AVI, .mp4, .wmv. [TOOLS – STEGO STICK, OPENPUFF, OMNI HIDE]
AUDIO STEGANOGRAPHY – Hiding of information in audio files such as .MP3, .WAV etc. [TOOL : Deep sound, BitCrypt]
In this blog we will be Using Two tools to hide a file in Image, Document and Audio, Let’s Dive in….
STEP 1:- Download and Install StegoStick, Openstego, and DeepSound tools to use for different steganography.
STEP 2: – Open DeepSound application from Desktop it will be opened like this
STEP 3:- Now we have to choose the carrier files to hide our secret message or files in to it… So click Open Carrier files. Then choose the audio file then proceed. You can see the audio file is attached in the application.
STEP 4:- Here we are going to attach a small text files with this audio files, click Add secret files options then choose the text file, then click Encode secret files button.
STEP 5:- Now we can click Encode secret files, Now a pop up will prompt for Password encryption, i left it blank, if you want you can use it, and u have to use it in decryption also. Then click Encode secret files button finally.
STEP 6:- Now we can check the encoded file in the output folder, it’s a simple audio file but it has our text file also. Let’s Decrypt using the same tool, Open DeepSound once again.
STEP 7:- Choose the modified file from the location into carrier file path in the application then Click Extract Secret files button, Voila we got it, we got that Stashed text file in that audio file.
Look, we got that text file we stashed in to that audio file earlier. That’s it.
TYPE 2:
STEP 1:- Open StegoStick Application, then Choose Hiding tab from the left pan
STEP 2:- It will ask you to choose the type of Encryption technique, I left it default then click ok
STEP 3:- Choose the Secret file you want to stash in, here i was using a PHP text file, with a Image file as a cover file.
You can see the file is successfully hidden into the cover file in the destination path. Click OK.
If you inspect the Image You can’t see anything It looks normal right.?
STEP 4:- Fire up StegoStick once again then choose UnHiding tab from the left pan
STEP 5:- Choose that Modified file with text file then give the password to Unhide which you gave while hiding. We got it Secret file is successfully retrieved to that path.
We can see that hidden file is retrieved into a new file by StegoStick.
TYPE 3: Here we will be Hiding a message into a text file,
STEP 1:- Open StegoStick the choose the Hiding tab from left pan, then choose the Hidden.txt file which we retrieved from previous type. Then Proceed to the next tab Hide Message.
STEP 2:- Type the message You want to Hide then click Hide Button
STEP 3:- Inspect both the files, Original(right) and the Stego(left) file, We can see some Gibberish text added with the original file.
STEP 4:- Open StegoStick Once again then choose Unhide tab, then select the file which is need to be decrypted then click unhide. Don’t Forget to give the password Guys.
Here we can clearly read the hidden message which is stuffed into that original text file “Hey Everyone”.
Document Steganography can also done by using white spaces and tabs to hide the data in it.
COUNTERMEASURES:
TEXT FILE: – Check for the alterations made to the characters for hiding the data, Text patterns, language used, and unused blank spaces,
IMAGE FILE: – We can Detect it by determining the changes in size, file format, the last modified timestamp, and statistical analysis method used for image scanning.
AUDIO FILES:- The inaudible Frequencies can be scanned for hidden info, Odd distortions and patterns show the existence of secret data.
VIDEO FILES :- Detection of secret files in video file includes a combination of methods both audio and image files.
CONCLUSION: We can Stealthly share and retrieve sensitive information using other file formats. Hackers might Use this method to Hide their Hacking tools Source code, Future attack plans, and other purposes also.
Steganography can be used for transferring Sensitive files over the Organization but not with the intent of Cyber Terrorism. There are many Stego tools are available over the internet, Kindly let me Know if you find some good ones.
TASK: THIS BLOG IS HAVING WHOLE LOT OF PICTURES, ONE AMONG THOSE IS HAVING SOME HIDDEN MESSAGES, TRY TO DECODE IT WITH ANY TOOLS AND POST THE MESSAGE IN THE COMMENT SECTION.
Thank you guys,
See you in another blog, until then bye bye!.