Hide file inside a JPEG image

By +Xinok
in Essential Guides

 Share

Recommended Posts

Grand Master

+Xinok Subscriber²

Posted
  • Subscriber²
Posted (edited)

This guide will teach you how to hide files inside JPEG images using a program called JPHS for Windows. The program can be downloaded here:

http://linux01.gwdg.de/~alatham/stego.html

I've tested and verified JPHS works on Windows XP SP3 and Windows 7 beta. I haven't tested it on Vista, but it probably works.

The program is over 9 years old, so it's interface is not the best. There are a few reasons why I chose to use this one though:

  • It allows you to hide files inside of JPEG images. Not all of us use BMP or PNG, and those are obvious targets for steganography anyways.
  • It modifies the color of the pixels in the image in a way that is very hard to detect. Most steganography tools will simply append to the JPEG file, or modify unused bits, methods which are very easy to detect.
  • Because JPEG files are lossy, it gives reasonable doubt whether noise is caused by the JPEG format or steganography.
  • The program uses Blowfish encryption. This program was written before AES was available, but Blowfish is still a secure encryption algorithm.

There are some precautions you should take:

  • Don't use images with solid colors, such as a large blue sky. This can make it easy to detect embedded files, as I'll demonstrate later in this guide.
  • Based upon my own tests, this program will not preserve JPEG meta data, created / modified times, or any data appended to the JPEG file.
  • Never modify a JPEG image that contains a hidden file. Doing so will most likely mean you'll lose the hidden file.
  • Never try to hide a file in a JPEG image that already contains a hidden file. Doing so will cause you to lose the hidden file already in the JPEG.
  • Delete the original picture after you hide a file in it. It may be possible to detect a hidden file if there are two versions of the same picture available to compare.
  • The program is portable, so if possible, store it on removable media. Having steganography software on your computer makes it pretty obvious you might be hiding data.

To get started, download the file from the URL above. There are three EXEs in the archive:

jphide.exe and jpseek.exe are command-line based.

Jphswin.exe is the one I'll be showing you how to use in this guide because it has a GUI.

The first thing you'll see is the user agreement. Read it if you want, and then click "Yes, I accept these terms".

post-57213-1231104155.png

First, you have to choose the JPEG image you want to use to hide a file, otherwise known as the "carrier". On the file menu, click "Open jpeg".

The larger the JPEG file is, the more data you can hide inside of it.

Try to choose a JPEG image with a lot of detail. Avoid images with a lot of solid color, such as a cloudless sky, as this may make it possible to detect a hidden file.

post-57213-1231104119.png

In the window, you should see two values:

Approximate max capacity is an estimate of the largest file this image can hold. This is only an estimate and the limit may be smaller than what this value says.

Recommended limit is a recommendation for the maximum file size you should store in this image. The smaller the file is, the harder it is to detect. Going above the recommended limit may mean it's possible to detect a hidden file.

On the file menu, click "Hide" to choose a file you want to hide in the JPEG image.

post-57213-1231104570.png

First, the program will ask for a password. This password will be required to extract the hidden file later on.

post-57213-1231104552.png

After you type your password, you can browse for the file you want to hide.

If the file is too large, the program will warn you. Convenient! :)

Now that you've chosen your JPEG image and the file you want hidden, you can save the modified JPEG image.

Save jpeg will overwrite the original JPEG image with the new one. Probably best not to use this, just to be safe.

Save jpeg as will allow you to save the new JPEG to a separate file.

post-57213-1231105154.png

After you're done, the program should look something like this.

The new JPEG file may come out bigger or smaller, this is not an issue.

post-57213-1231105324.png

How to Extract Files

Now that you know how to hide files, you need to know how to extract them.

Start off by clicking Open jpeg on the file menu.

Browse for the JPEG image with the hidden file in it.

Then click Seek on the file menu.

The program will ask for a password. Type in the same password you used when hiding the file.

Then you can choose where to extract the file to. Unfortunately, the program doesn't save the original file name. You'll have to manually type the file name and file extension.

post-57213-1231105912.png

At this point, if you typed in the wrong password, or if the JPEG image simply doesn't contain a hidden file, the program will say "Passphrase wrong". If this happens, simply click Seek to attempt to extract the file again.

When you successfully extract a file, the program should look something like this:

post-57213-1231106043.png

This was my own test. The file was extracted correctly.

post-57213-1231106224.png

To demonstrate my point earlier, you should not use images with large amounts of the same color. I decided to hide a file in a picture with a large blue sky. This is the picture I used (resized, the original is 1600x1200).

post-57213-1231106341.jpg

This is what happens, before hiding a file and after hiding a file.

You can easily see the noise in the right picture caused by the steganography.

So use large, detailed pictures!

post-57213-1231106402.png post-57213-1231106408.png

This is my first guide on Neowin. Hope some of you find it useful :)

Edited by Xinok
Link to comment
https://www.neowin.net/forum/topic/717378-hide-file-inside-a-jpeg-image/
Share on other sites
Mentor

-Vivicidal-

Posted
Posted
Alternatively, you can use a much simpler method of attaching a .rar file to a .jpg as follows:

windows: copy /b input.jpg + input.rar ouput.jpg

linux: cat pic.jpg file.rar > result.jpg

He already thought of that:

It modifies the color of the pixels in the image in a way that is very hard to detect. Most steganography tools will simply append to the JPEG file, or modify unused bits, methods which are very easy to detect.
Grand Master

Budious

Posted
Posted

Steganography is a security by obscurity approach to hiding data; whereas cryptography is a encrypted data source which does not masquerade as another data format. So rather you use steganography analysis to detect common methods of implanting hidden data into a image file, or simply append an encrypted .rar to a .jpg, your primary goal is obscurity of the information.

Grand Master

+Gary7 Subscriber²

Posted
  • Subscriber²
Posted
Steganography is a security by obscurity approach to hiding data; whereas cryptography is a encrypted data source which does not masquerade as another data format. So rather you use steganography analysis to detect common methods of implanting hidden data into a image file, or simply append an encrypted .rar to a .jpg, your primary goal is obscurity of the information.

So then the reason to do this would be to hide a file such as a virus in a JPEG image. Hmmm. No thanks, I don't need to know this.

Grand Master

Budious

Posted
Posted
So then the reason to do this would be to hide a file such as a virus in a JPEG image. Hmmm. No thanks, I don't need to know this.

Well the hidden information would not be executable. Any virus would have to be manually extracted and run by the user, so this scenario would be unlikely. Hiding content in image files is seen on Internet image boards and newsgroups; typical scenarios I have seen recently are embedding a .rar picture set into a single image from the set, or embedding an ebook into an image of the book cover.

Experienced

winlonghorn

Posted
Posted
Well the hidden information would not be executable. Any virus would have to be manually extracted and run by the user, so this scenario would be unlikely. Hiding content in image files is seen on Internet image boards and newsgroups; typical scenarios I have seen recently are embedding a .rar picture set into a single image from the set, or embedding an ebook into an image of the book cover.

Ok, but how do you view the files that are hidden inside then? :)

Grand Master

+Gary7 Subscriber²

Posted
  • Subscriber²
Posted
Steganography Revealed

Kristy Westphal 2003-04-09

Over the past couple of years, steganography has been the source of a lot of discussion, particularly as it was suspected that terrorists connected with the September 11 attacks might have used it for covert communications. While no such connection has been proven, the concern points out the effectiveness of steganography as a means of obscuring data. Indeed, along with encryption, steganography is one of the fundamental ways by which data can be kept confidential. This article will offer a brief introductory discussion of steganography: what it is, how it can be used, and the true implications it can have on information security.

What is Steganography?

While we are discussing it in terms of computer security, steganography is really nothing new, as it has been around since the times of ancient Rome. For example, in ancient Rome and Greece, text was traditionally written on wax that was poured on top of stone tablets. If the sender of the information wanted to obscure the message - for purposes of military intelligence, for instance - they would use steganography: the wax would be scraped off and the message would be inscribed or written directly on the tablet, wax would then be poured on top of the message, thereby obscuring not just its meaning but its very existence[1].

According to Dictionary.com, steganography (also known as "steg" or "stego") is "the art of writing in cipher, or in characters, which are not intelligible except to persons who have the key; cryptography" [2]. In computer terms, steganography has evolved into the practice of hiding a message within a larger one in such a way that others cannot discern the presence or contents of the hidden message[3]. In contemporary terms, steganography has evolved into a digital strategy of hiding a file in some form of multimedia, such as an image, an audio file (like a .wav or mp3) or even a video file.

What is Steganography Used for?

Like many security tools, steganography can be used for a variety of reasons, some good, some not so good. Legitimate purposes can include things like watermarking images for reasons such as copyright protection. Digital watermarks (also known as fingerprinting, significant especially in copyrighting material) are similar to steganography in that they are overlaid in files, which appear to be part of the original file and are thus not easily detectable by the average person. Steganography can also be used as a way to make a substitute for a one-way hash value (where you take a variable length input and create a static length output string to verify that no changes have been made to the original variable length input)[4]. Further, steganography can be used to tag notes to online images (like post-it notes attached to paper files). Finally, steganography can be used to maintain the confidentiality of valuable information, to protect the data from possible sabotage, theft, or unauthorized viewing[5].

Unfortunately, steganography can also be used for illegitimate reasons. For instance, if someone was trying to steal data, they could conceal it in another file or files and send it out in an innocent looking email or file transfer. Furthermore, a person with a hobby of saving pornography, or worse, to their hard drive, may choose to hide the evidence through the use of steganography. And, as was pointed out in the concern for terroristic purposes, it can be used as a means of covert communication. Of course, this can be both a legitimate and an illegitimate application.

http://www.securityfocus.com/infocus/1684

Experienced

Inctye

Posted
Posted

This is quite clever. But it is no different than many other programs that can be used for both legal and illegal activities. Take bittorent as a perfect example. Ultimately, it requires the users discretion to use the program for the ethically accepted purposes and also take the necessary precautions to protect them from harmful files when on the receiving end.

Grand Master

+Xinok Subscriber²

Posted
  • Author
  • Subscriber²
Posted
How do we get this hidden information out of it? ME WANTS TO KNOW!!!!!!!!!!!
My guide has instructions on how to extract hidden files using the same program. You might have overlooked it the first time, so I added a large caption "How to Extract Files".

As for all steganography programs in general, every program has it's own methods and algorithms for hiding data, so you'll have to use the same program to extract the data that was used to hide it. You may also need a password if the hidden data is encrypted.

If a RAR archive was appended to another file, I think WinRAR is capable of finding the header and extracting the files directly without the need to separate it from the image file first.

Grand Master

carmatic

Posted
Posted

so... it got me thinking

are there any image editing programs which can save to jpeg or other lossy formats, which have some kind of undisclosed feature that inserts some kind of 'tag' in every image it saves? for example a non-free program might tag its pictures with the license key of the user, or something.... so unless the image was manipulated before it got posted on the internet, it can be traced to one person...

Grand Master

+Xinok Subscriber²

Posted
  • Author
  • Subscriber²
Posted
so... it got me thinking

are there any image editing programs which can save to jpeg or other lossy formats, which have some kind of undisclosed feature that inserts some kind of 'tag' in every image it saves? for example a non-free program might tag its pictures with the license key of the user, or something.... so unless the image was manipulated before it got posted on the internet, it can be traced to one person...

Yes, they're usually called invisible watermarks. There are tools which can remove invisible watermarks, but some algorithms are very persistent and don't go away very easily. It all depends on how trustworthy you are of the software you're using.
  • 2 weeks later...
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Samsung is shutting down yet another app used by millions

      By Neonix1 · Posted

      Samsung messages is still alive and well. They reversed that and decided to our more effort into it.
    • Microsoft hides these secret Windows 11 performance boost settings available on every PC

      By richstad · Posted

      I think every American should have a course in a 'dry sense of humour' at school; and perhaps 'using sarcasm in jest' oh, and also 'the use or irony in humour'.
    • Major Xbox layoffs may claim South of Midnight developer Compulsion entirely

      By PeterTHX · Posted

      What they really need to do is automatically spell "loses" and "lose" correctly since nobody seems to know how to anymore. Then they blame spellcheck/autocomplete and don't realize autocomplete is just filling in the word for them automatically so it was misspelled in the first place.
    • Here is how I fixed Windows 11 not booting after clean installation

      By rseiler · Posted

      If someone chooses to continue using SB and therefore goes through the manual intervention in the thread, afterwards the BSOD problem is gone. Whether they then re-enable the task doesn't matter, they're done, though on such machines it might pay to keep it disabled in case the next update (if there is a next) causes the same problem. OTOH, if someone disables SB in the BIOS, the problem is also gone. Incidentally, I noticed that this task exists even on machines that don't support SB. It's just installed across the board...and runs. Doing what on such machines is a little hazy.
    • qBittorrent 5.2.2

      By Copernic · Posted

      qBittorrent 5.2.2 by Razvan Serea The qBittorrent project aims to provide a Free Software alternative to µtorrent. qBittorrent is an advanced and multi-platform BitTorrent client with a nice user interface as well as a Web UI for remote control and an integrated search engine. qBittorrent aims to meet the needs of most users while using as little CPU and memory as possible. qBittorrent is a truly Open Source project, and as such, anyone can and should contribute to it. qBittorrent features: Polished µTorrent-like User Interface Well-integrated and extensible Search Engine Simultaneous search in most famous BitTorrent search sites Per-category-specific search requests (e.g. Books, Music, Movies) All Bittorrent extensions DHT, Peer Exchange, Full encryption, Magnet/BitComet URIs, ... Remote control through a Web user interface Nearly identical to the regular UI, all in Ajax Advanced control over trackers, peers and torrents Torrents queueing and prioritizing Torrent content selection and prioritizing UPnP / NAT-PMP port forwarding support Available in ~25 languages (Unicode support) Torrent creation tool Advanced RSS support with download filters (inc. regex) Bandwidth scheduler IP Filtering (eMule and PeerGuardian compatible) IPv6 compliant Available on most platforms: Linux, Mac OS X, Windows, OS/2, FreeBSD qBittorrent 5.2.2 changelog: FEATURE: Use D-Bus to show file in file managers (Chocobo1) #24340 BUGFIX: Fix friendlyUnitCompact precision calculation (vafada) #24323 BUGFIX: Remove all top-level folders (glassez) #24333 BUGFIX: Use proper API for checking exit status (Chocobo1) #24349 BUGFIX: Delete stale lockfile when hostname mismatch (TurboTheTurtle, glassez) #24363 BUGFIX: Fix wrong removal procedure of watched folder paths (Chocobo1) #24413 BUGFIX: Don't reannounce before interface changes are applied (glassez) #24447 BUGFIX: Use Latin script for Bosnian locale name (Andy Ye) #24342 WEBUI: Fix performance of global checkbox toggling (tehcneko) #24316 WEBUI: Fix Safari transfer list header misalignment (Piccirello) #24377 WEBUI: Fix error when submitting magnet before metadata loads (Piccirello) #24378 WEBUI: Use correct row id when updating Rss Downloader feed selection (Chocobo1) #24402 WEBUI: Use SameSite=Lax for session cookie to fix cross-site login (Piccirello) #24422 WEBUI: Bring back properties panel expand/collapse button (vafada) #24430 WEBAPI: Only use X-Forwarded-Host header when reverse proxy support is enabled (Chocobo1) #24457 RSSS: Fix "RSS Smart Episode Filter" RegEx (nathanon-akk, glassez) #24398 RSS: Fix previously matched episode format (glassez) #24452 WINDOWS: Fix Python fallback search path (TurboTheTurtle) #24325 WINDOWS: NSIS: Allow to install x64 binary on ARM64 (Chocobo1) #24358 Download: qBittorrent 5.2.2 | 41.1 MB (Open Source) Download: qBittorrent 64-bit installer (qt6) | 43.6 MB Links: qBittorrent Home page | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware

  • Recent Achievements

    • One Year In
      Console General earned a badge
      One Year In
    • One Year In
      Twozo Technologies earned a badge
      One Year In
    • One Month Later
      Twozo Technologies earned a badge
      One Month Later
    • Week One Done
      Twozo Technologies earned a badge
      Week One Done
    • Veteran
      branfont went up a rank
      Veteran

  • Popular Contributors

    1. 1
      +primortal
      493
    2. 2
      +Edouard
      182
    3. 3
      PsYcHoKiLLa
      125
    4. 4
      Steven P.
      85
    5. 5
      neufuse
      71
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!