Until the end of JPG file (denominated with FF D9). You could cut the first part of the file from the header 'DD F8 FF' (start of JPG file) So if you find a JPG file (file1.jpg) with extra information after the expected trailer, The same principal however can be used on a single file if it appears that extra information is available within the file. Some programs used for such operations on linux and available on most PenTest distros are for instance 'foremost' & ' scalpel' This is usually done on whole disc images, mainly for data recovery purposes on for instance damaged or unmounted drives requiring data extraction. You will be prompted for a password, if there is none, simply hit enter to leave blankĪnd steghide will attempt to extract the hidden data.įile Carving is the process of extracting files from data based on headers and trailers. To later retrieve this information you would run steghide as follows You will be prompted to enter a password which you can do or else leave blank for no password. Steghide embed -cf forest.jpg -ef passwords.txt -sf forest1.jpg You can also specify a different filename for the output using -sf Steghide embed -cf forest.jpg -ef passwords.txt If for instance you have a file 'passwords.txt' and want to hide it in an image 'forest.jpg' Steghide is a popular one which can hide information in various filetypes (JPG/BMP/WAV/AU)Īnd is installed on most PenTest distros. There are quite a few programs out there that can do this, but none are really maintained. Of the file should know or be able to extract. Stegonography is the method of hiding information in a file in a way that only the recipient Run 'exiftool file.jpg' from the command line and you will be presented with information available in the file which can include things like GPS positions camera make/model, software, comments, etc etc. Image files often contain Exif data which can be read in the hex of a file, but using a tool such as Exiftool greatly simplifies this.Įxiftool will also give you information on the file type.Įxiftool can be run from the command line, and there is also a Windows GUI for exiftool available. LOOKING AT THE BASIC INFORMATION OF AN IMAGE FILE The first stage is to have a look at the file information and see what information is revealed. The below done on VMWare Image of BackTrack5 R3 and on a Windows 7 PC. This post is about the simple methods possible to use to hide info from the un-informed, the methods described are not supposed to be terribly secure, but rather, interesting.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |