top of page
Search

Steganography : Transfer Secrets Secretly

Sending data secretly has been improved greatly. From ftp to ssh, http to https, every mode has been secured and being more securer improving the present version shh to ssh2, tls to tls 1.3. But still people can see some data is sent. So what’s the way do transfer them without being seen by someone ?

Thanks to Johannese Trithemius for using the term in his Steganographia, a treatise on cryptography and steganography.

Steganography is an art of hiding information behind another object. The word Steganography comes from the Greek word Steganographia, combing the words Steganos (means covered or concealed) and Graphia (means writing).

Those days message were hidden on papers using secret inks, morse code being stitched in clothes, photographically produced microdots, morse code by the blink in eyes.

At the digital world messages are being shared between different parts of the world and though being secured it is still visible that some message is being passed. At the present world steganography is done in electronic form

The advantage is that in steganography is that the information shared does not attract attention as it is embedded into the object seen as whole, whereas in the cryptographic form it provides a huge string of characters.

Types of Steganography:

  1. Text steganography

  2. Image steganography

  3. Video steganography

  4. Audio steganography

  5. Network steganography

The above image explains the working of process of steganography.

Basic steps involved in steganography:

  1. The cover file is selected

  2. The information is embedded into the cover file with an encryption key

  3. The output of the above process is called the stego-file

  4. This file is shared and it reaches the receiver

  5. The receiver extracts the stego-file with the decryption key and extracts the secret information.


Data is hidden in pixels of the image

There are many tools available for this purpose. Some are:

  1. Steghide

  2. Stegosuite

  3. Zsteg

  4. Sonic Visualizer

  5. OpenPuff

  6. Xiao Steganography

In this blog I would showcase 2 of them. One for a jpeg/jpg file and a wav audio file. I would be using linux to showcase. Many tools are also available for Windows and Mac

  • Steghide


Steghide is a tool for hiding data in images, specially for jpeg/jpg.



Short manual page of steghide




hide is file to be hidden


Image before hiding data


Image after hiding data



Extracting the hidden message


  • Sonic Visualizer

Sonic Visualizer is tool for analysing the spectrogram(hidden data) of an audio.




Sonic Visulaizer


-Click File -> Open and select the audio


Click Layer -> Add Spectrogram

The hidden message in this .wav file is “Google”.

Many other tools perform steganography with different capabilities. Steganography was developed for secure communication. However, criminals and terrorist organizations are using for their own purposes. Understanding how steganography works can be very helpful in attack as well as defense.

POST BY


Daadreyaa

Bluefire Redteam Intern

Follow Daadreyaa on:


https://www.linkedin.com/in/daadreyaa-d-67a9191b9

Instagram: daadreyaa

https://twitter.com/daadreyaa

48 views0 comments

Recent Posts

See All
bottom of page