Steghide - A Beginners Tutorial




All of us want our sensitive information to be hidden from people and for that we perform different kinds of things like hide those files or lock them using different softwares. But even though we do that, those files  attractive people to itself as an object of security. Today I'm going to give you a slight introduction to what is called as Steganography. Its a practice of hiding an informational file within another file like you might have seen in movies an image has a secret message encoded in it. You can read more about Steganography from Wikipedia.


In this tutorial I'm going to use a tool called steghide, which is a simple to use Steganography tool and I'm running it on my Arch Linux. What I'm going to do is simply encode an image with a text file which contains some kind of information which I don't want other people to see. And at the end I'll show you how to decode that information back. So lets get started:


Requirements:

1. steghide
2. a text file
3. an image file

After you have installed steghide, fire up the terminal and type steghide




It will give you list of options that are available.


Now say I have a file with the name of myblogpassword.txt which contains the login password of my blog and I want to encode that file into an Image file with the name of arch.jpg so that I can hide my sensitive information from the preying eyes of my friends. In order to do that I'll type the following command in my terminal:


steghide embed -ef myblogpassword.txt -cf arch.jpg




here steghide is the name of the program

embed flag is used to specify to steghide that we want to embed one file into another file
-ef option is used to specify to steghide the name (and location, in case if its in some other directory) of the file that we want to embed inside of the another file, in our case its myblogpassword.txt
-cf option is used to specify the name (and location, in case if its in some other directory) of the file in which we want to embed our file, in our case its an image file named arch.jpg

After typing the above command and hitting enter it will prompt for a password. We can specify a password here in order to password protect our file so that when anyone tries to extract our embedded file, they'll have to supply a password in order to extract it. If you don't want to password protect it you can just simply hit enter.


Now myblogpassword.txt file is embedded inside of the image file arch.jpg. You'll see no changes in the image file except for its size. Now we can delete the plain password text file myblogpassword.txt.


In order to extract the embedded file from the cover file, I'll type following command in the terminal:


steghide extract -sf arch.jpg -xf myblogpass.txt




here steghide is again name of the program
extract flag specifies that we want to extract an embedded file from a stego file
-sf option specifies the name of the stego file or in other words the file in which we embedded another file, in our case here its the arch.jpg file
-xf option specifies the name of the file to which we want to write our embedded file, here it is myblogpass.txt
(remember you must specify the name of file with its location if its somewhere else than the current directory)

After typing the above command and hitting enter, it will prompt for a password. Supply the password if any or otherwise just simply hit enter. It will extract the embedded file to the file named myblogpass.txt. Voila! you got your file back but yes the image file still contains the embedded file.


That's it, very easy isn't it?


It was a pretty basic introduction you can look for other things like encrypting the file to be embedded before you embed it into another file and so on... enjoy
:)

Comments

  1. It shows error that steghude could not open

    ReplyDelete
    Replies
    1. can you paste the error that you get here

      Delete
    2. couldnt open what? txt or jpg ?
      if it is txt, create a new txt and try
      if it is jpg, try jpeg

      Delete
  2. Is there anyway to use steghide without the passphrase?

    ReplyDelete
    Replies
    1. If there is no password on the stegno file you can simply press enter when it prompts for password. That should do the trick.

      Delete
  3. I am new to to using steghide and when I try to embed the show me this:

    steghide: could not open the file "filename.txt"

    ReplyDelete
    Replies
    1. maybe ur txt is not in right directory .
      try ~/Desktop/filename.txt

      Delete
  4. steghide embed -cf a.jpg -ef secret.txt
    steghide extract -sf a.jpg

    try with a new image and txt file.
    İf it doesnt work again, be sure you tried jpeg instead of jpg

    ReplyDelete
  5. **SELLING SSN+DOB FULLZ**

    CONTACT
    Telegram > @leadsupplier
    ICQ > 752822040
    Email > leads.sellers1212@gmail.com

    >>1$ each without DL/ID number
    >>2$ each with DL
    >>5$ each for premium (also included relative info)

    *Will reduce price if buying in bulk
    *Hope for a long term business

    FORMAT OF LEADS/FULLZ/PROS

    ->FULL NAME
    ->SSN
    ->DATE OF BIRTH
    ->DRIVING LICENSE NUMBER WITH EXPIRY DATE
    ->COMPLETE ADDRESS
    ->PHONE NUMBER, EMAIL, I.P ADDRESS
    ->EMPLOYMENT DETAILS
    ->REALTIONSHIP DETAILS
    ->MORTGAGE INFO
    ->BANK ACCOUNT DETAILS

    >Fresh Leads for tax returns & w-2 form filling
    >Payment mode BTC, ETH, LTC, PayPal, USDT & PERFECT MONEY

    ''OTHER GADGETS PROVIDING''

    >SSN+DOB Fullz
    >CC with CVV
    >Photo ID's
    >Dead Fullz
    >Spamming Tutorials
    >Carding Tutorials
    >Hacking Tutorials
    >SMTP Linux Root
    >DUMPS with pins track 1 and 2
    >Sock Tools
    >Server I.P's
    >HQ Emails with passwords

    Email > leads.sellers1212@gmail.com
    Telegram > @leadsupplier
    ICQ > 752822040

    THANK YOU

    ReplyDelete

Post a Comment