Hack This Site (TOR .onion HTTPS - HTTP) - IRC - Discord - Forums - Store - URL Shortener - CryptoPaste   ---   Like Us - Follow Us - Fork Us
Hack This Site
Support HackThisSite - Advertise with us!
[A]s we enjoy great advantages from the inventions of others, we should be glad of an opportunity to serve others by any invention of ours; and this we should do freely and generously. ~ ben franklin

Steganography 101 - Part 1
Published by: senjespar, on 2011-06-27 01:13:21
Steganography 101
Part 1 of ??

EDIT: Sorry about the images, you'll need to copy & paste into the browser.. the IMG tag doesn't work. Maybe I can get a ZIP file up here at some point...


Steganography is "the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existance of the message". Anyone who is interested in cryptography and/or history has probably heard of the ancient Greeks who used various physical methods to hide messages: one common story is of messengers engraving secrets on a wooden tablet which was then covered in wax. Anyone who stopped the messanger to inspect his posessions simply saw a blank wax-covered tablet, or a wax-covered tablet with mundane information. Upon arrival at his destination, the recipient would scrape the top layer of wax off, revealing the message hidden underneath. Another method was to write the secret message on the shaved head of a messanger, and then wait until his hair grew back. This obviously took quite a while, but it was normal for messages to take days or weeks to arrive during that time. Another example with which we're all probably familiar with is invisible ink. The Revolutionary War-era Culper spy ring was known to use this technique, and according to all accounts that I've read, invisible ink is still used today in intelligence circles.

I should also distinguish cryptography from steganography with a couple thoughts:
1) Steganography hides text in plain sight, while cryptography scrambles plaintext (original message) into ciphertext (coded message)
2) Even though a message is hidden, you should always encrypt it as well (my opinion, anyway)
3) Every once in a while, you'll hear someone distinguish between a "code" and a "cipher". In the cryptography world, they're two different things, but are basically the same for purposes of this article.
4) You can easily hide messages in digital images with the most basic software out there (Hex editors, MS Paint, etc)
5) Other media types lend themselves to steganography, too. Messages can be hidden in audio/video files, or even plain text!
6) US government bureaus are well aware of the use of steganography, and there are fancy programs out there to detect steganography in various files.

If you're wondering why that list was unnecessarily long and perhaps even a bit random, take a look at the first capital letter of each item, including the "I" in the first sentance. That's another method of steganography, with a popular example being Lewis Carrol (of Alice in Wonderland fame). He often hid messages in his poems, using the first (or last) letter in each line.

Now that I've bored you with a very brief history and introduction, now on to the modern-day application of stegnaography in digital images. There are several different techniques that I'll discuss here, and as long as you're creative, I'm sure you can come up with a few of your own.

1. Hiding the text in the image
[img]http://postimage.org/image/13ye28wec/[/img]
This is a very basic technique. Take a look at the image you see here, then download it to your computer and open it with any image editing software. You don't need anything fancy for this - MS paint will do. It looks like a normal Starbucks logo, but I used the eyedropper tool to find the RGB value of the green border, then increased the "Green" value from 94 to 100. Go ahead, open it up in paint. Now, take the paint bucket tool (or whatever your program uses to fill an area), choose "White", then fill the green border. You should see a message appear:

[IMG]http://postimage.org/image/13yw95ptw/[/IMG]

This works well for short messages, or images with a single background color. You can use it on more complex images, but you'll have to re-color each letter to match the background.


What are RGB values, you ask? Well, the computer uses varying levels of the three primary colors for light (Red, Green, Blue). The values for each range from 0-255, indicating the level of each color. (In HTML/CSS, you'll see these as hexidecimal values, which is just the RGB values translated from decimal to hex.) A value of all zeros (0-0-0, or #000000) is black, and values of 255-255-255 or #FFFFFF are white. (As a side note, whenever the values are all equal, you'll get a shade of gray.)

The RGB values play a role in our next method: LSB replacement.

2. Least-significant bit replacement

LSB replacement is probably the most popular method for steganography. Why? Because it's simple, efficient, and easy to do! For the casual user, I recommend looking into QUICK STEGO. It's free, lightweight, and does the job well for basic purposes. You can also skip the math and technical stuff that follows. For a technical article on one program's methodology, see: http://www.csjournals.com/IJCSC/PDF1-2/24..pdf

For anyone still reading, LSB begins with taking the binary equivalent to the RGB value. Let's use MS Paint's standard "red" color (237-28-36) or #ED1C24. Open up Calculator (Windows), and select "Programmer" from the "View" menu. Enter 237 in decimal mode, then change to binary (8 digits). Repeat for 28 and 36. You should get:

11101101 00011100 00100100 **Note that I padded the leading zeroes for 28 and 36 to make 8 bits (or one byte).

Let's take a breather here. A byte is made up of 8 bits, with a bit being either a 1 or 0. Since we have three bytes (or 3x8 bits), we are using 24-bit color.

Now from this point on, each stego program uses their own method of encryption. I'm going to encode "X", using the unicode value 58 (111010).

Now, we're going to take the LEAST SIGNIFICANT BIT(s) - which are the ones on the right in each byte, and replace the last two bits with our message.



11101101 00011100 00100100 -- Initial RGB values
------11 ------10 ------10 -- Unicode Character 58, in binary format

11101111 00011110 00100110 -- New RGB values

239 30 38 239-30-38 (RGB)
EF 1E 26 #EF1E26 (Hex)

Compare these values to the originals: (237-28-36) or #ED1C24... it's not a difference that can be noticed to the human eye when done on one pixel only. In the image here, you'll see the "standard red" background, with the random circles in our "coded red" color. Yes, the difference is noticible, but again - you would only be doing this in one pixel. Now try and find that one stray pixel that's been encoded.
[IMG]http://postimage.org/image/13zhr5890/[/IMG]
Now, if we were to continue to encode this manually, we would have to:
1) Translate each character of our message into ASCII, Unicode, etc, then to binary
2a) Figure out which pixels to perform the operation on (lets say every 7th pixel)
2b) Calculate the binary value for each pixel
3) Complete the LSB replacement
4) Re-color the pixel to match the value in step 3

To decode, we would:
1) Use the eyedropper tool to get the RGB value of every 7th pixel, calculate the binary value, and take the two last digits.
2) Re-compose the values from step 1 into a single value
3) Translate from binary to decimal
4) Look up the equivalent value (ASCII/Unicode)
5) Put the message back together again

This method I've just described is a painstakingly tedious method, and probably not useful for all intents and purposes. But you get the basic idea. As I said before, each program has their own algorithm, and several use logical operators on the different bits. That being said, most stego programs will only decode certain algorithms, and for best results both sender and recipient should use the same program.



3. USING A HEX EDITOR
Assuming you have an image of a suitable size and complexity, this is a pretty quick method. Simply open the file in a hex editor, scroll down until you find the random characters, and type your message. "Save As" another image, and make sure you didn't trash the file by over-writing something important. See the two lighthouse pictures for an example. If you compare the two, you'll notice a difference in the far bottom-right corner, due to overwriting image data with the hex editor. Take notice of the smiley face picture - I wrote a message using a hex editor, and screwed the image up pretty good!

[IMG]http://postimage.org/image/13zuzg078/[/IMG]

[IMG]http://postimage.org/image/13zmpr9qc/[/IMG]

[IMG]http://postimage.org/image/1404wo35w/[/IMG]

[img]http://postimage.org/image/140d6ctms/[/img]

If you are suspecting a hidden message, it's pretty much a dead giveaway. But suppose you uploaded the lighthouse picture to your favorite social media webiste - I'm willing to bet that most of your friends wouldn't think twice about the little blotch on the bottom (if they even notice it!).
Cast your vote on this article
10 - Highest, 1 - Lowest

Comments:
 Published: 11 comments.
 Sho7 - 05:22 pm Thursday July 14th, 2011
Report this post
Avatar

It's a good start to understand steganography, thanks dude (:


 Amir malik - 12:54 pm Saturday July 16th, 2011
Report this post
Avatar

Whao.... I didn't know that!


 hoanglong1712 - 11:47 am Wednesday July 20th, 2011
Report this post
Avatar

it's hard to understand


 adomian - 03:06 am Friday August 26th, 2011
Report this post
Avatar

Another thing you can do that is similar to the first method you mentioned is use Photoshop or some other capable program to make a 32-bit image then have one layer be a white background and the other white text, but make either the background or the text a value above 255, 255, 255 (which is white), which will make it super bright. The beauty of this is that the screen cannot display anything brighter than white, but if you add a 32-bit effect, such as levels, you can lower the normal white to almost black before the super bright text gets any darker, thus revealing the message. This is probably less practical, though.


 Huggles - 05:43 pm Friday October 07th, 2011
Report this post
Avatar

awesome article :)


 brianlovescheese - 04:00 am Tuesday October 11th, 2011
Report this post
Avatar

lolz @ hoanglong1712


 kashmindersingh - 02:28 pm Tuesday October 18th, 2011
Report this post
Avatar

nice...keep posting..


 NoobyProgrammer - 01:30 am Friday December 09th, 2011
Report this post
Avatar

Nice nice! Can't wait to read more!


 Lunisol - 04:37 am Tuesday January 03rd, 2012
Report this post
Avatar

One of my favorite things to do is simply open a .jpg in notepad, scroll to the bottom, type my message, then save as .jpg and boom. hidden message in a picture. to open, just open the pic in notepad and scroll to the bottom.


 ElfangorsSecret - 11:52 am Monday January 23rd, 2012
Report this post
Avatar

I think he just pulled a petra on our beanstalk


 sfBlackfox - 01:49 pm Wednesday February 22nd, 2012
Report this post
Avatar

One thing I always liked using was a binary copy of a compression file (like zip) and a jpg/png file into one file. Both files will be merged into one, and all you need is to change the extension
End Footer

HackThisSite is the collective work of the HackThisSite staff, licensed under a CC BY-NC license.
We ask that you inform us upon sharing or distributing.

Page Generated: Thu, 17 Apr 2025 18:56:00 +0000
Web Node: www01 | Page Gen: 0.053s | DB: 10q
Current Code Revision: v3.2.5 (Sun, 22 May 2016 20:29:51 +0000)

  Page View Counter

retired