 |
Puppy Linux Discussion Forum Puppy HOME page : puppylinux.com "THE" alternative forum : puppylinux.info
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in|
The time now is Fri 22 Jun 2018, 03:28 All times are UTC - 4 |
 Forum index » Advanced Topics » Cutting edge |
|
stegosaurus - a poor man's steganography
Moderators: Flash, Ian, JohnMurga |
 
|
View previous topic :: View next topic |
| Page 1 of 2 [17 Posts] | Goto page: 1, 2 Next |
| Author | Message | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
technosaurus
 Joined: 18 May 2008 Posts: 4819 Location: Kingwood, TX |
so, its pretty simple, encrypt a file (optional) xz it to a container file (jpg, mpg, mov ...) the regular file will work as normal to get the hidden file just zcat container > original This was my original intention:
Last edited by technosaurus on Mon 11 Jan 2016, 18:09; edited 2 times in total |
|||||||||||||||||
|
||||||||||||||||||
 |
||||||||||||||||||
|
technosaurus
Joined: 18 May 2008 Posts: 4819 Location: Kingwood, TX |
so here is a working example:
This is a very generic implementation that can also be used as a poor man's steganography using only busybox applets (shell, stat, head and tail) the first file should be something containerized (so it knows where the end of its data is) and preferably known to have varying sizes jpeg is fine if the second file is small, but avi, mov or mpg if the second file is large The second file could be anything from text to a heavily encrypted file. I think I have it broken down into the simplest form for further modification you may not need to fuss with recovering the container file - if so you can remove the code related to it ... name1 size1 and head portions if you are trying to hide a file, you may not want to even have the file name included and just have the output defined by the user - also a fairly easy mod _________________ Check out my github repositories. I may eventually get around to updating my blogspot. |
|||||||||||||||||
|
||||||||||||||||||
|
||||||||||||||||||
|
PANZERKOPF
Joined: 16 Dec 2009 Posts: 282 Location: Earth |
Probably I found another way, without any additional tools. cat archive.tar.xz >>image.jpg xzcat image.jpg > archive.tar Seems xzcat successfully finds a signature (FD377A58h) at the end of "garbage" (mean jpeg's body) and decompresses an archive. _________________ SUUM CUIQUE. |
|||||||||||||||||
|
||||||||||||||||||
|
||||||||||||||||||
|
technosaurus
Joined: 18 May 2008 Posts: 4819 Location: Kingwood, TX |
nice, maybe instead of catting an xz file, we can just: xz -cze9 inputfile.tc >> outputfile.mpg edit: nope, neither way seems to be working - back to my previous example then _________________ Check out my github repositories. I may eventually get around to updating my blogspot. |
|||||||||||||||||
|
||||||||||||||||||
|
||||||||||||||||||
|
aragon
Joined: 15 Oct 2007 Posts: 1698 Location: Germany |
http://linux-hacks.blogspot.com/2009/02/theory-behind-hiding-zipped-file-under.html http://linux-hacks.blogspot.com/2009/02/hiding-zipped-files-under-jpg-images.html seems to be more simple. Aragon _________________ PUPPY SEARCH: http://wellminded.com/puppy/pupsearch.html |
|||||||||||||||||
|
||||||||||||||||||
|
||||||||||||||||||
|
aragon
Joined: 15 Oct 2007 Posts: 1698 Location: Germany |
a second note: psteg is allready taken by an app from vovchik. http://www.murga-linux.com/puppy/viewtopic.php?t=57806 aragon _________________ PUPPY SEARCH: http://wellminded.com/puppy/pupsearch.html |
|||||||||||||||||
|
||||||||||||||||||
|
||||||||||||||||||
|
technosaurus
Joined: 18 May 2008 Posts: 4819 Location: Kingwood, TX |
steg-osaurus it is then 
_________________ Check out my github repositories. I may eventually get around to updating my blogspot. |
|||||||||||||||||
|
||||||||||||||||||
|
||||||||||||||||||
|
DPUP5520
Joined: 16 Feb 2011 Posts: 813 |
There are many great stego programs out there u may want to check out and try such as hide and seek, outguess, snow, diit, and steghide just to name a few. _________________ PupRescue 2.5 Puppy Crypt 528 |
|||||||||||||||||
|
||||||||||||||||||
|
||||||||||||||||||
|
technosaurus
Joined: 18 May 2008 Posts: 4819 Location: Kingwood, TX |
Yes there are, but they all have some limitation that would keep them out of standard puppy (size, dependencies, file limitations ...) All this needs is a GUI that uses bcrypt which is already included. The code in /usr/sbin/grub-md5-crypt and bcrypt_gui is a good starting point The encryption format can be anything though (including none) if bcrypt is replaced. _________________ Check out my github repositories. I may eventually get around to updating my blogspot. |
|||||||||||||||||
|
||||||||||||||||||
|
||||||||||||||||||
|
technosaurus
Joined: 18 May 2008 Posts: 4819 Location: Kingwood, TX |
here is the start of a basic gui
|
|||||||||||||||||
|
||||||||||||||||||
|
||||||||||||||||||
|
PANZERKOPF
Joined: 16 Dec 2009 Posts: 282 Location: Earth |
Oops... You are right, unxz fails. Testing zip/unzip archiver: cat archive.zip >> image.jpg unzip image jpg It works! Just says "Warning! ???? extra bytes at begining..." Note I used "full" unzip, busybox unzip fails. Testing arj archiver: cat archive.arj >> image.jpg arj e image jpg Works! _________________ SUUM CUIQUE. |
|||||||||||||||||
|
||||||||||||||||||
|
||||||||||||||||||
|
technosaurus
Joined: 18 May 2008 Posts: 4819 Location: Kingwood, TX |
http://lists.busybox.net/pipermail/busybox/2008-March/064569.html We can use tr to do the encryption And zip files can be password protected, but I may take a look at patching busybox zip first. Other possibilities: use it to add sfs file to kernel image _________________ Check out my github repositories. I may eventually get around to updating my blogspot. |
|||||||||||||||||
|
||||||||||||||||||
|
||||||||||||||||||
SFR
 Joined: 26 Oct 2011 Posts: 1657 |
ZIP files indeed have nice possibilities - what about concatenating a fake zip archive (fake = containing some unimportant stuff, a decoy) with a 7zip (preferably encrypted) archive?
As long as such file has .zip extension, it behaves like zip - "decoy" part can be listed/extracted (only full 'unzip' or 7zip; busybox's fails in this case, too) without any warnings and 'file somearch.zip' reports an ordinary zip file. Fooling the 'file' utility and lack of warnings is achieved by appending a part of original zip header to the beginning of the file (head -c 30 ...) and adjusting its internal structure (zip -A ...). After changing the extension to .7z we're gaining access to the "hidden" 7zip part and, suprisingly, 7zip has nothing against those 30 leading, extra bytes. BTW, to avoid unnecessary suspicions, the size of uncompressed "decoy" part should be greater than the size of concatenated zip+7z, what could be achieved by using high compression level and by including some "sparse" files into it. Pros: self-containability (no dedicated tool is needed, except generally available (p)7zip) and portability (tested also in Windoze - both parts can be separately accessed using 7zip, IZArc, PeaZip, WinZIP, WinRAR & ZipGenius). Cons: well, of course closer look (hexdump) or that unfortunate busybox behavior will reveal that something's not quite right. I have attached an exemplary zip+7z. Greetings!
_________________ [O]bdurate [R]ules [D]estroy [E]nthusiastic [R]ebels => [C]reative [H]umans [A]lways [O]pen [S]ource Omnia mea mecum porto. |
|||||||||||||||||
|
||||||||||||||||||
|
||||||||||||||||||
|
disciple
Joined: 20 May 2006 Posts: 6828 Location: Auckland, New Zealand |
It's kind of off topic, but when Flickr came out with their free 1TB my first thought was about how neat it would be to use it as a backup filesystem by zipping files and appending to jpegs. But then I saw that almost as soon as it came out someone had implemented the same idea but hiding the files in pngs instead: https://github.com/Rotten194/flickr-fuse 
_________________ Do you know a good gtkdialog program? Please post a link here Classic Puppy quotes ROOT FOREVER GTK2 FOREVER |
|||||||||||||||||
|
||||||||||||||||||
|
||||||||||||||||||
|
technosaurus
Joined: 18 May 2008 Posts: 4819 Location: Kingwood, TX |
I wouldn't count on that except to share files short term, it is quite possible that they would decide to run image optimizers (optipng, jpegtran,...) or some other craziness on the images that would remove embedded data _________________ Check out my github repositories. I may eventually get around to updating my blogspot. |
|||||||||||||||||
|
||||||||||||||||||
|
||||||||||||||||||
stegosaurus - a poor man's steganography
| Page 1 of 2 [17 Posts] | Goto page: 1, 2 Next |
|
|
View previous topic :: View next topic |
|
Forum index » Advanced Topics » Cutting edge |
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum |
Powered by phpBB © 2001, 2005 phpBB Group