• Steganography is a technique of hiding a secret message within an ordinary message and extracting it at the destination.
  • Utilizing a graphic image as a cover is the most popular method to conceal the data in files.
  • Attackers can use steganography to hide message such as list of compromised servers, source code for the hacking tools, plans for future attacks, etc.

# Technical Steganography: invisible ink/microdots , physical methods to hide.

# Linguistic Steganography: Type that hides the message in another file.

Steganalysis

  • Art of discovering and rendering covert message using steganography. It attacks steganography efforts.

Technical Steganography

Tool Used :Gnu Image manipulation program

Leet Alphabet :

Linguistic Steganography

Tool Used :

exiftool : It is a free and open-source software program for reading, writing, and manipulating image, audio, video, and PDF metadata.

binwalk : Binwalk is a tool for searching a given binary image for embedded files and executable code. Specifically, it is designed for identifying files and code embedded inside of firmware images. Binwalk uses the libmagic library, so it is compatible with magic signatures created for the Unix file utility.

head : To find hidden msg in the 1st ten lines of a image code.

tail : To find hidden msg in the last ten lines of a image code.

steghide : It is a steganography program that is able to hide data in various kinds of image- and audio-files. The color- respectivly sample-frequencies are not changed thus making the embedding resistant against first-order statistical tests.

*******************************************************************

Cyber Security Researcher | CEH