Hide file inside a JPEG image

By +Xinok
in Essential Guides

 Share

Recommended Posts

Grand Master

+Xinok Subscriber²

Posted
  • Subscriber²
Posted (edited)

This guide will teach you how to hide files inside JPEG images using a program called JPHS for Windows. The program can be downloaded here:

http://linux01.gwdg.de/~alatham/stego.html

I've tested and verified JPHS works on Windows XP SP3 and Windows 7 beta. I haven't tested it on Vista, but it probably works.

The program is over 9 years old, so it's interface is not the best. There are a few reasons why I chose to use this one though:

  • It allows you to hide files inside of JPEG images. Not all of us use BMP or PNG, and those are obvious targets for steganography anyways.
  • It modifies the color of the pixels in the image in a way that is very hard to detect. Most steganography tools will simply append to the JPEG file, or modify unused bits, methods which are very easy to detect.
  • Because JPEG files are lossy, it gives reasonable doubt whether noise is caused by the JPEG format or steganography.
  • The program uses Blowfish encryption. This program was written before AES was available, but Blowfish is still a secure encryption algorithm.

There are some precautions you should take:

  • Don't use images with solid colors, such as a large blue sky. This can make it easy to detect embedded files, as I'll demonstrate later in this guide.
  • Based upon my own tests, this program will not preserve JPEG meta data, created / modified times, or any data appended to the JPEG file.
  • Never modify a JPEG image that contains a hidden file. Doing so will most likely mean you'll lose the hidden file.
  • Never try to hide a file in a JPEG image that already contains a hidden file. Doing so will cause you to lose the hidden file already in the JPEG.
  • Delete the original picture after you hide a file in it. It may be possible to detect a hidden file if there are two versions of the same picture available to compare.
  • The program is portable, so if possible, store it on removable media. Having steganography software on your computer makes it pretty obvious you might be hiding data.

To get started, download the file from the URL above. There are three EXEs in the archive:

jphide.exe and jpseek.exe are command-line based.

Jphswin.exe is the one I'll be showing you how to use in this guide because it has a GUI.

The first thing you'll see is the user agreement. Read it if you want, and then click "Yes, I accept these terms".

post-57213-1231104155.png

First, you have to choose the JPEG image you want to use to hide a file, otherwise known as the "carrier". On the file menu, click "Open jpeg".

The larger the JPEG file is, the more data you can hide inside of it.

Try to choose a JPEG image with a lot of detail. Avoid images with a lot of solid color, such as a cloudless sky, as this may make it possible to detect a hidden file.

post-57213-1231104119.png

In the window, you should see two values:

Approximate max capacity is an estimate of the largest file this image can hold. This is only an estimate and the limit may be smaller than what this value says.

Recommended limit is a recommendation for the maximum file size you should store in this image. The smaller the file is, the harder it is to detect. Going above the recommended limit may mean it's possible to detect a hidden file.

On the file menu, click "Hide" to choose a file you want to hide in the JPEG image.

post-57213-1231104570.png

First, the program will ask for a password. This password will be required to extract the hidden file later on.

post-57213-1231104552.png

After you type your password, you can browse for the file you want to hide.

If the file is too large, the program will warn you. Convenient! :)

Now that you've chosen your JPEG image and the file you want hidden, you can save the modified JPEG image.

Save jpeg will overwrite the original JPEG image with the new one. Probably best not to use this, just to be safe.

Save jpeg as will allow you to save the new JPEG to a separate file.

post-57213-1231105154.png

After you're done, the program should look something like this.

The new JPEG file may come out bigger or smaller, this is not an issue.

post-57213-1231105324.png

How to Extract Files

Now that you know how to hide files, you need to know how to extract them.

Start off by clicking Open jpeg on the file menu.

Browse for the JPEG image with the hidden file in it.

Then click Seek on the file menu.

The program will ask for a password. Type in the same password you used when hiding the file.

Then you can choose where to extract the file to. Unfortunately, the program doesn't save the original file name. You'll have to manually type the file name and file extension.

post-57213-1231105912.png

At this point, if you typed in the wrong password, or if the JPEG image simply doesn't contain a hidden file, the program will say "Passphrase wrong". If this happens, simply click Seek to attempt to extract the file again.

When you successfully extract a file, the program should look something like this:

post-57213-1231106043.png

This was my own test. The file was extracted correctly.

post-57213-1231106224.png

To demonstrate my point earlier, you should not use images with large amounts of the same color. I decided to hide a file in a picture with a large blue sky. This is the picture I used (resized, the original is 1600x1200).

post-57213-1231106341.jpg

This is what happens, before hiding a file and after hiding a file.

You can easily see the noise in the right picture caused by the steganography.

So use large, detailed pictures!

post-57213-1231106402.png post-57213-1231106408.png

This is my first guide on Neowin. Hope some of you find it useful :)

Edited by Xinok
Link to comment
Share on other sites
Grand Master

Budious

Posted
Posted

Alternatively, you can use a much simpler method of attaching a .rar file to a .jpg as follows:

windows: copy /b input.jpg + input.rar ouput.jpg

linux: cat pic.jpg file.rar > result.jpg

Link to comment
Share on other sites
Mentor

-Vivicidal-

Posted
Posted
Alternatively, you can use a much simpler method of attaching a .rar file to a .jpg as follows:

windows: copy /b input.jpg + input.rar ouput.jpg

linux: cat pic.jpg file.rar > result.jpg

He already thought of that:

It modifies the color of the pixels in the image in a way that is very hard to detect. Most steganography tools will simply append to the JPEG file, or modify unused bits, methods which are very easy to detect.
Link to comment
Share on other sites
Grand Master

Budious

Posted
Posted

Steganography is a security by obscurity approach to hiding data; whereas cryptography is a encrypted data source which does not masquerade as another data format. So rather you use steganography analysis to detect common methods of implanting hidden data into a image file, or simply append an encrypted .rar to a .jpg, your primary goal is obscurity of the information.

Link to comment
Share on other sites
Grand Master

+Gary7 Subscriber²

Posted
  • Subscriber²
Posted
Steganography is a security by obscurity approach to hiding data; whereas cryptography is a encrypted data source which does not masquerade as another data format. So rather you use steganography analysis to detect common methods of implanting hidden data into a image file, or simply append an encrypted .rar to a .jpg, your primary goal is obscurity of the information.

So then the reason to do this would be to hide a file such as a virus in a JPEG image. Hmmm. No thanks, I don't need to know this.

Link to comment
Share on other sites
Grand Master

Budious

Posted
Posted
So then the reason to do this would be to hide a file such as a virus in a JPEG image. Hmmm. No thanks, I don't need to know this.

Well the hidden information would not be executable. Any virus would have to be manually extracted and run by the user, so this scenario would be unlikely. Hiding content in image files is seen on Internet image boards and newsgroups; typical scenarios I have seen recently are embedding a .rar picture set into a single image from the set, or embedding an ebook into an image of the book cover.

Link to comment
Share on other sites
Experienced

winlonghorn

Posted
Posted
Well the hidden information would not be executable. Any virus would have to be manually extracted and run by the user, so this scenario would be unlikely. Hiding content in image files is seen on Internet image boards and newsgroups; typical scenarios I have seen recently are embedding a .rar picture set into a single image from the set, or embedding an ebook into an image of the book cover.

Ok, but how do you view the files that are hidden inside then? :)

Link to comment
Share on other sites
Grand Master

+Gary7 Subscriber²

Posted
  • Subscriber²
Posted
Steganography Revealed

Kristy Westphal 2003-04-09

Over the past couple of years, steganography has been the source of a lot of discussion, particularly as it was suspected that terrorists connected with the September 11 attacks might have used it for covert communications. While no such connection has been proven, the concern points out the effectiveness of steganography as a means of obscuring data. Indeed, along with encryption, steganography is one of the fundamental ways by which data can be kept confidential. This article will offer a brief introductory discussion of steganography: what it is, how it can be used, and the true implications it can have on information security.

What is Steganography?

While we are discussing it in terms of computer security, steganography is really nothing new, as it has been around since the times of ancient Rome. For example, in ancient Rome and Greece, text was traditionally written on wax that was poured on top of stone tablets. If the sender of the information wanted to obscure the message - for purposes of military intelligence, for instance - they would use steganography: the wax would be scraped off and the message would be inscribed or written directly on the tablet, wax would then be poured on top of the message, thereby obscuring not just its meaning but its very existence[1].

According to Dictionary.com, steganography (also known as "steg" or "stego") is "the art of writing in cipher, or in characters, which are not intelligible except to persons who have the key; cryptography" [2]. In computer terms, steganography has evolved into the practice of hiding a message within a larger one in such a way that others cannot discern the presence or contents of the hidden message[3]. In contemporary terms, steganography has evolved into a digital strategy of hiding a file in some form of multimedia, such as an image, an audio file (like a .wav or mp3) or even a video file.

What is Steganography Used for?

Like many security tools, steganography can be used for a variety of reasons, some good, some not so good. Legitimate purposes can include things like watermarking images for reasons such as copyright protection. Digital watermarks (also known as fingerprinting, significant especially in copyrighting material) are similar to steganography in that they are overlaid in files, which appear to be part of the original file and are thus not easily detectable by the average person. Steganography can also be used as a way to make a substitute for a one-way hash value (where you take a variable length input and create a static length output string to verify that no changes have been made to the original variable length input)[4]. Further, steganography can be used to tag notes to online images (like post-it notes attached to paper files). Finally, steganography can be used to maintain the confidentiality of valuable information, to protect the data from possible sabotage, theft, or unauthorized viewing[5].

Unfortunately, steganography can also be used for illegitimate reasons. For instance, if someone was trying to steal data, they could conceal it in another file or files and send it out in an innocent looking email or file transfer. Furthermore, a person with a hobby of saving pornography, or worse, to their hard drive, may choose to hide the evidence through the use of steganography. And, as was pointed out in the concern for terroristic purposes, it can be used as a means of covert communication. Of course, this can be both a legitimate and an illegitimate application.

http://www.securityfocus.com/infocus/1684

Link to comment
Share on other sites
Experienced

Inctye

Posted
Posted

This is quite clever. But it is no different than many other programs that can be used for both legal and illegal activities. Take bittorent as a perfect example. Ultimately, it requires the users discretion to use the program for the ethically accepted purposes and also take the necessary precautions to protect them from harmful files when on the receiving end.

Link to comment
Share on other sites
Grand Master

+Xinok Subscriber²

Posted
  • Author
  • Subscriber²
Posted
How do we get this hidden information out of it? ME WANTS TO KNOW!!!!!!!!!!!
My guide has instructions on how to extract hidden files using the same program. You might have overlooked it the first time, so I added a large caption "How to Extract Files".

As for all steganography programs in general, every program has it's own methods and algorithms for hiding data, so you'll have to use the same program to extract the data that was used to hide it. You may also need a password if the hidden data is encrypted.

If a RAR archive was appended to another file, I think WinRAR is capable of finding the header and extracting the files directly without the need to separate it from the image file first.

Link to comment
Share on other sites
Grand Master

carmatic

Posted
Posted

so... it got me thinking

are there any image editing programs which can save to jpeg or other lossy formats, which have some kind of undisclosed feature that inserts some kind of 'tag' in every image it saves? for example a non-free program might tag its pictures with the license key of the user, or something.... so unless the image was manipulated before it got posted on the internet, it can be traced to one person...

Link to comment
Share on other sites
Grand Master

+Xinok Subscriber²

Posted
  • Author
  • Subscriber²
Posted
so... it got me thinking

are there any image editing programs which can save to jpeg or other lossy formats, which have some kind of undisclosed feature that inserts some kind of 'tag' in every image it saves? for example a non-free program might tag its pictures with the license key of the user, or something.... so unless the image was manipulated before it got posted on the internet, it can be traced to one person...

Yes, they're usually called invisible watermarks. There are tools which can remove invisible watermarks, but some algorithms are very persistent and don't go away very easily. It all depends on how trustworthy you are of the software you're using.
Link to comment
Share on other sites
  • 2 weeks later...
Contributor

tireless

Posted
Posted

1. Use 7-zip or WinRAR to compress the file(s),

Add password if you want.

2. Execute below command in the Command Prompt Window:

copy /b Image.gif+File.zip

-----------------------------------

Then if you want to unpack the file, Rename Image.gif to Image.zip ...

Link to comment
Share on other sites
Grand Master

carmatic

Posted
Posted

like the first post already says that this is merely attaching the zip file to the end of the file of the image, the only form of real security is the password in that zip file...

Link to comment
Share on other sites
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.