I've tested and verified JPHS works on Windows XP SP3 and Windows 7 beta. I haven't tested it on Vista, but it probably works.
The program is over 9 years old, so it's interface is not the best. There are a few reasons why I chose to use this one though:
- It allows you to hide files inside of JPEG images. Not all of us use BMP or PNG, and those are obvious targets for steganography anyways.
- It modifies the color of the pixels in the image in a way that is very hard to detect. Most steganography tools will simply append to the JPEG file, or modify unused bits, methods which are very easy to detect.
- Because JPEG files are lossy, it gives reasonable doubt whether noise is caused by the JPEG format or steganography.
- The program uses Blowfish encryption. This program was written before AES was available, but Blowfish is still a secure encryption algorithm.
- Don't use images with solid colors, such as a large blue sky. This can make it easy to detect embedded files, as I'll demonstrate later in this guide.
- Based upon my own tests, this program will not preserve JPEG meta data, created / modified times, or any data appended to the JPEG file.
- Never modify a JPEG image that contains a hidden file. Doing so will most likely mean you'll lose the hidden file.
- Never try to hide a file in a JPEG image that already contains a hidden file. Doing so will cause you to lose the hidden file already in the JPEG.
- Delete the original picture after you hide a file in it. It may be possible to detect a hidden file if there are two versions of the same picture available to compare.
- The program is portable, so if possible, store it on removable media. Having steganography software on your computer makes it pretty obvious you might be hiding data.
To get started, download the file from the URL above. There are three EXEs in the archive:
jphide.exe and jpseek.exe are command-line based.
Jphswin.exe is the one I'll be showing you how to use in this guide because it has a GUI.
The first thing you'll see is the user agreement. Read it if you want, and then click "Yes, I accept these terms".
First, you have to choose the JPEG image you want to use to hide a file, otherwise known as the "carrier". On the file menu, click "Open jpeg".
The larger the JPEG file is, the more data you can hide inside of it.
Try to choose a JPEG image with a lot of detail. Avoid images with a lot of solid color, such as a cloudless sky, as this may make it possible to detect a hidden file.
In the window, you should see two values:
Approximate max capacity is an estimate of the largest file this image can hold. This is only an estimate and the limit may be smaller than what this value says.
Recommended limit is a recommendation for the maximum file size you should store in this image. The smaller the file is, the harder it is to detect. Going above the recommended limit may mean it's possible to detect a hidden file.
On the file menu, click "Hide" to choose a file you want to hide in the JPEG image.
First, the program will ask for a password. This password will be required to extract the hidden file later on.
After you type your password, you can browse for the file you want to hide.
If the file is too large, the program will warn you. Convenient!
Now that you've chosen your JPEG image and the file you want hidden, you can save the modified JPEG image.
Save jpeg will overwrite the original JPEG image with the new one. Probably best not to use this, just to be safe.
Save jpeg as will allow you to save the new JPEG to a separate file.
After you're done, the program should look something like this.
The new JPEG file may come out bigger or smaller, this is not an issue.
How to Extract Files
Now that you know how to hide files, you need to know how to extract them.
Start off by clicking Open jpeg on the file menu.
Browse for the JPEG image with the hidden file in it.
Then click Seek on the file menu.
The program will ask for a password. Type in the same password you used when hiding the file.
Then you can choose where to extract the file to. Unfortunately, the program doesn't save the original file name. You'll have to manually type the file name and file extension.
At this point, if you typed in the wrong password, or if the JPEG image simply doesn't contain a hidden file, the program will say "Passphrase wrong". If this happens, simply click Seek to attempt to extract the file again.
When you successfully extract a file, the program should look something like this:
This was my own test. The file was extracted correctly.
To demonstrate my point earlier, you should not use images with large amounts of the same color. I decided to hide a file in a picture with a large blue sky. This is the picture I used (resized, the original is 1600x1200).
This is what happens, before hiding a file and after hiding a file.
You can easily see the noise in the right picture caused by the steganography.
So use large, detailed pictures!
This is my first guide on Neowin. Hope some of you find it useful
Edited by Xinok, 11 January 2009 - 19:17.