There may come a time when you need to hide some sensitive data and send it in a email. Although there are better ways to do this with GPG keys, the old hide the code in some thing else trick is still a good one. The program we will use for this is called steghide. The source and more information can be found here.
So lets get started. After you have it compiled you need to get yourself a .jpg image and some super secret data.
- r00t@infected ~/evilstuff $ ls -l
- total 28
- -rw-r--r-- 1 r00t r00t 373 Nov 12 21:52 ccnumbers.txt
- -rw-r--r-- 1 r00t r00t 24128 Nov 12 21:53 failbus.jpg
- r00t@infected ~/evilstuff $
Next we need to check how much secret text our .jpg will hold. The bigger the picture the more stuff we can hide in it.
- r00t@infected ~/evilstuff $ steghide info failbus.jpg
- "failbus.jpg":
- format: jpeg
- capacity: 1.3 KB
- Try to get information about embedded data ? (y/n) n
- r00t@infected ~/evilstuff $
Next we will embed our secret file (fake credit card numbers) in the picture and give it a good pass phrase. As long as the recipiant knows the passphrase as well he will be able to extract the data with ease.
- r00t@infected ~/evilstuff $ steghide embed -cf failbus.jpg -ef ccnumbers.txt
- Enter passphrase:
- Re-Enter passphrase:
- embedding "ccnumbers.txt" in "failbus.jpg"... done
So now I would email this file to another person and then perhaps use SMS to relay the passphrase or something along those lines. When it gets there it can be easily decrypted.
- r00t@infected ~/evilstuff $ rm ccnumbers.txt
- r00t@infected ~/evilstuff $ ls -l
- total 24
- -rw-r--r-- 1 r00t r00t 24128 Nov 12 21:53 failbus.jpg
- r00t@infected ~/evilstuff $ steghide extract -sf failbus.jpg
- Enter passphrase:
- wrote extracted data to "ccnumbers.txt".
- r00t@infected ~/evilstuff $ ls -l
- total 28
- -rw-r--r-- 1 r00t r00t 373 Nov 12 21:57 ccnumbers.txt
- -rw-r--r-- 1 r00t r00t 24128 Nov 12 21:53 failbus.jpg
- r00t@infected ~/evilstuff $ cat ccnumbers.txt
- Mastercard
- 5289111567699364
- 5463364524466504
- 5513280173843290
- 536188524284 9343
- 5414132417846706
- 5372796081916696
- 5377402570938029
- 5294991973880481
- 52 90931298392295
- 5349131004994481
- VISA 16 digit
- 4024007108182014
- 4556592983294345
- 4929749601692512
- 4716305358881779
- 4 916211371632991
- 4929362807786953
- 4916441689842046
- 4024007189279051
- 4929645 162050480
- 4539910852842113
- r00t@infected ~/evilstuff $
“A picture is worth a thousand words”
Scene of the Cybercrime (Paperback)
|
||||||||
The Official CHFI Study Guide (Exam 312-49): for Computer Hacking Forensic Investigator (Paperback)
|
||||||||
Hi, perhaps this entry could be off topic but anyhow, I have gone surfing around your site and it looks extremely awesome. It’s obvious that you know your subject and you seem fervent about it. We are creating a fresh site and I am striving to make it look good, and provide top quality posts. Having gleaned much at this site in addition to I anticipate additional quality content and will be returning soon. Thanks you.