Jump to content



Photo

Hide file inside a JPEG image


  • Please log in to reply
24 replies to this topic

#1 +Xinok

Xinok

    Resident Reresident

  • 3,486 posts
  • Joined: 28-May 04
  • Location: Shikaka
  • OS: Windows 7 x64
  • Phone: Galaxy S3 (Wicked)

Posted 04 January 2009 - 22:06

This guide will teach you how to hide files inside JPEG images using a program called JPHS for Windows. The program can be downloaded here:
http://linux01.gwdg....tham/stego.html

I've tested and verified JPHS works on Windows XP SP3 and Windows 7 beta. I haven't tested it on Vista, but it probably works.

The program is over 9 years old, so it's interface is not the best. There are a few reasons why I chose to use this one though:
  • It allows you to hide files inside of JPEG images. Not all of us use BMP or PNG, and those are obvious targets for steganography anyways.
  • It modifies the color of the pixels in the image in a way that is very hard to detect. Most steganography tools will simply append to the JPEG file, or modify unused bits, methods which are very easy to detect.
  • Because JPEG files are lossy, it gives reasonable doubt whether noise is caused by the JPEG format or steganography.
  • The program uses Blowfish encryption. This program was written before AES was available, but Blowfish is still a secure encryption algorithm.
There are some precautions you should take:
  • Don't use images with solid colors, such as a large blue sky. This can make it easy to detect embedded files, as I'll demonstrate later in this guide.
  • Based upon my own tests, this program will not preserve JPEG meta data, created / modified times, or any data appended to the JPEG file.
  • Never modify a JPEG image that contains a hidden file. Doing so will most likely mean you'll lose the hidden file.
  • Never try to hide a file in a JPEG image that already contains a hidden file. Doing so will cause you to lose the hidden file already in the JPEG.
  • Delete the original picture after you hide a file in it. It may be possible to detect a hidden file if there are two versions of the same picture available to compare.
  • The program is portable, so if possible, store it on removable media. Having steganography software on your computer makes it pretty obvious you might be hiding data.

To get started, download the file from the URL above. There are three EXEs in the archive:
jphide.exe and jpseek.exe are command-line based.
Jphswin.exe is the one I'll be showing you how to use in this guide because it has a GUI.

The first thing you'll see is the user agreement. Read it if you want, and then click "Yes, I accept these terms".
Agreement.png

First, you have to choose the JPEG image you want to use to hide a file, otherwise known as the "carrier". On the file menu, click "Open jpeg".
The larger the JPEG file is, the more data you can hide inside of it.
Try to choose a JPEG image with a lot of detail. Avoid images with a lot of solid color, such as a cloudless sky, as this may make it possible to detect a hidden file.
Open_jpeg.png

In the window, you should see two values:
Approximate max capacity is an estimate of the largest file this image can hold. This is only an estimate and the limit may be smaller than what this value says.
Recommended limit is a recommendation for the maximum file size you should store in this image. The smaller the file is, the harder it is to detect. Going above the recommended limit may mean it's possible to detect a hidden file.

On the file menu, click "Hide" to choose a file you want to hide in the JPEG image.
Hide.png

First, the program will ask for a password. This password will be required to extract the hidden file later on.
Password.png

After you type your password, you can browse for the file you want to hide.
If the file is too large, the program will warn you. Convenient! :)

Now that you've chosen your JPEG image and the file you want hidden, you can save the modified JPEG image.
Save jpeg will overwrite the original JPEG image with the new one. Probably best not to use this, just to be safe.
Save jpeg as will allow you to save the new JPEG to a separate file.
Save_jpeg_as.png

After you're done, the program should look something like this.
The new JPEG file may come out bigger or smaller, this is not an issue.
Finish.png




How to Extract Files

Now that you know how to hide files, you need to know how to extract them.
Start off by clicking Open jpeg on the file menu.
Browse for the JPEG image with the hidden file in it.

Then click Seek on the file menu.
The program will ask for a password. Type in the same password you used when hiding the file.
Then you can choose where to extract the file to. Unfortunately, the program doesn't save the original file name. You'll have to manually type the file name and file extension.
Seek.png

At this point, if you typed in the wrong password, or if the JPEG image simply doesn't contain a hidden file, the program will say "Passphrase wrong". If this happens, simply click Seek to attempt to extract the file again.

When you successfully extract a file, the program should look something like this:
Extracted.png

This was my own test. The file was extracted correctly.
Verify.png


To demonstrate my point earlier, you should not use images with large amounts of the same color. I decided to hide a file in a picture with a large blue sky. This is the picture I used (resized, the original is 1600x1200).
TestImage.jpg

This is what happens, before hiding a file and after hiding a file.
You can easily see the noise in the right picture caused by the steganography.
So use large, detailed pictures!
Before.png After.png


This is my first guide on Neowin. Hope some of you find it useful :)

Edited by Xinok, 11 January 2009 - 19:17.



#2 Budious

Budious

    LiQuiD55'R

  • 2,834 posts
  • Joined: 03-November 01

Posted 04 January 2009 - 22:17

Alternatively, you can use a much simpler method of attaching a .rar file to a .jpg as follows:

windows: copy /b input.jpg + input.rar ouput.jpg
linux: cat pic.jpg file.rar > result.jpg

#3 -Vivicidal-

-Vivicidal-

    Neowinian Senior

  • 1,580 posts
  • Joined: 27-January 08
  • Location: UK, EU

Posted 04 January 2009 - 22:46

Alternatively, you can use a much simpler method of attaching a .rar file to a .jpg as follows:

windows: copy /b input.jpg + input.rar ouput.jpg
linux: cat pic.jpg file.rar > result.jpg


He already thought of that:

It modifies the color of the pixels in the image in a way that is very hard to detect. Most steganography tools will simply append to the JPEG file, or modify unused bits, methods which are very easy to detect.



#4 1941

1941

    Banned

  • 18,175 posts
  • Joined: 17-July 06

Posted 04 January 2009 - 22:54

Why would one want to do this?

#5 Argote

Argote

    Formerly known as ArtOf_War

  • 8,987 posts
  • Joined: 24-June 04
  • Location: SF Bay Area, USA
  • Phone: Galaxy Nexus

Posted 04 January 2009 - 23:03

This is pretty clever, I've always found cryptography fascinating even though I understand so little about it.

#6 Budious

Budious

    LiQuiD55'R

  • 2,834 posts
  • Joined: 03-November 01

Posted 04 January 2009 - 23:10

Steganography is a security by obscurity approach to hiding data; whereas cryptography is a encrypted data source which does not masquerade as another data format. So rather you use steganography analysis to detect common methods of implanting hidden data into a image file, or simply append an encrypted .rar to a .jpg, your primary goal is obscurity of the information.

#7 TheElite

TheElite

    Neowinian Senior

  • 10,296 posts
  • Joined: 26-July 03

Posted 04 January 2009 - 23:15

Why would one want to do this?


+1.

#8 1941

1941

    Banned

  • 18,175 posts
  • Joined: 17-July 06

Posted 04 January 2009 - 23:35

Steganography is a security by obscurity approach to hiding data; whereas cryptography is a encrypted data source which does not masquerade as another data format. So rather you use steganography analysis to detect common methods of implanting hidden data into a image file, or simply append an encrypted .rar to a .jpg, your primary goal is obscurity of the information.


So then the reason to do this would be to hide a file such as a virus in a JPEG image. Hmmm. No thanks, I don't need to know this.

#9 MrChainsaw

MrChainsaw

    Neowinian Senior

  • 2,735 posts
  • Joined: 09-May 08
  • Location: Mars (yes, I moved)

Posted 04 January 2009 - 23:39

There's also Paint.NET with Steganography plugin.

#10 Budious

Budious

    LiQuiD55'R

  • 2,834 posts
  • Joined: 03-November 01

Posted 04 January 2009 - 23:41

So then the reason to do this would be to hide a file such as a virus in a JPEG image. Hmmm. No thanks, I don't need to know this.


Well the hidden information would not be executable. Any virus would have to be manually extracted and run by the user, so this scenario would be unlikely. Hiding content in image files is seen on Internet image boards and newsgroups; typical scenarios I have seen recently are embedding a .rar picture set into a single image from the set, or embedding an ebook into an image of the book cover.

#11 winlonghorn

winlonghorn

    Neowinian

  • 1,070 posts
  • Joined: 17-March 05
  • Location: Erie, PA

Posted 04 January 2009 - 23:43

Well the hidden information would not be executable. Any virus would have to be manually extracted and run by the user, so this scenario would be unlikely. Hiding content in image files is seen on Internet image boards and newsgroups; typical scenarios I have seen recently are embedding a .rar picture set into a single image from the set, or embedding an ebook into an image of the book cover.


Ok, but how do you view the files that are hidden inside then? :)

#12 1941

1941

    Banned

  • 18,175 posts
  • Joined: 17-July 06

Posted 05 January 2009 - 00:14

Steganography Revealed
Kristy Westphal 2003-04-09

Over the past couple of years, steganography has been the source of a lot of discussion, particularly as it was suspected that terrorists connected with the September 11 attacks might have used it for covert communications. While no such connection has been proven, the concern points out the effectiveness of steganography as a means of obscuring data. Indeed, along with encryption, steganography is one of the fundamental ways by which data can be kept confidential. This article will offer a brief introductory discussion of steganography: what it is, how it can be used, and the true implications it can have on information security.

What is Steganography?

While we are discussing it in terms of computer security, steganography is really nothing new, as it has been around since the times of ancient Rome. For example, in ancient Rome and Greece, text was traditionally written on wax that was poured on top of stone tablets. If the sender of the information wanted to obscure the message - for purposes of military intelligence, for instance - they would use steganography: the wax would be scraped off and the message would be inscribed or written directly on the tablet, wax would then be poured on top of the message, thereby obscuring not just its meaning but its very existence[1].

According to Dictionary.com, steganography (also known as "steg" or "stego") is "the art of writing in cipher, or in characters, which are not intelligible except to persons who have the key; cryptography" [2]. In computer terms, steganography has evolved into the practice of hiding a message within a larger one in such a way that others cannot discern the presence or contents of the hidden message[3]. In contemporary terms, steganography has evolved into a digital strategy of hiding a file in some form of multimedia, such as an image, an audio file (like a .wav or mp3) or even a video file.

What is Steganography Used for?

Like many security tools, steganography can be used for a variety of reasons, some good, some not so good. Legitimate purposes can include things like watermarking images for reasons such as copyright protection. Digital watermarks (also known as fingerprinting, significant especially in copyrighting material) are similar to steganography in that they are overlaid in files, which appear to be part of the original file and are thus not easily detectable by the average person. Steganography can also be used as a way to make a substitute for a one-way hash value (where you take a variable length input and create a static length output string to verify that no changes have been made to the original variable length input)[4]. Further, steganography can be used to tag notes to online images (like post-it notes attached to paper files). Finally, steganography can be used to maintain the confidentiality of valuable information, to protect the data from possible sabotage, theft, or unauthorized viewing[5].


Unfortunately, steganography can also be used for illegitimate reasons. For instance, if someone was trying to steal data, they could conceal it in another file or files and send it out in an innocent looking email or file transfer. Furthermore, a person with a hobby of saving pornography, or worse, to their hard drive, may choose to hide the evidence through the use of steganography. And, as was pointed out in the concern for terroristic purposes, it can be used as a means of covert communication. Of course, this can be both a legitimate and an illegitimate application.


http://www.securityf...om/infocus/1684

#13 well...

well...

    Neowinian

  • 910 posts
  • Joined: 07-November 06
  • Location: UK

Posted 05 January 2009 - 00:18

Interesting guide (Y)
although ill never be able to look at a pixelated image again without wondering what it might contain...

#14 revreddy

revreddy

    Neowinian

  • 965 posts
  • Joined: 28-November 08

Posted 05 January 2009 - 00:24

http://www.securityf...om/infocus/1684

This is quite clever. But it is no different than many other programs that can be used for both legal and illegal activities. Take bittorent as a perfect example. Ultimately, it requires the users discretion to use the program for the ethically accepted purposes and also take the necessary precautions to protect them from harmful files when on the receiving end.

#15 ~Matt~

~Matt~

    Neowinian

  • 312 posts
  • Joined: 08-October 08
  • Location: Sydney, Australia

Posted 05 January 2009 - 00:30

How do we get this hidden information out of it? ME WANTS TO KNOW!!!!!!!!!!!



Click here to login or here to register to remove this ad, it's free!