Steganography and Linux: A short steghide howto

Here I will how to hide a file, encrypted and passwordprotected in anonther file, for example a picture.

First you have to install “steghide”, use synaptic or whatever you want…

Steghide can use *.bmp,*.jpg, *.wav und *.au-files to hide data. I would recommend *.jpg, because all the other formats are quite unusual today in most pc-enviremonts(you want send a friend a song in *.wav-format and you certainly do not store your holiday pictures as *.bmps…)

To hide a file you use this command in the terminal(there is no gui for steghide):

steghide embed -cf picture.jpg -ef secrettext.txt

Of course you have to give the path to both files, so an example would be:

steghide embed -cf /home/usr/pictures/picture.jpg -ef /home/usr/secrettext.txt

Now steghide will ask you for a password and then embed the file secrettext.txt in the file picture.jpg. And it will encrypt the file with AES, so if you do not know the password you just will not know that there is any file stored in the picture…

Then you just get the message(sry for german):

steghide: Mit diesem Passwort konnten keine Daten extrahiert werden!
(With this password no data could be extracted)

Of course the size of the file you can store in another file is limited, if you just want to know how big the file can be, enter:

steghide info picture.jpg

(of course yo have, as said above, to give the path, so for example steghide info /home/usr/pictures/picture.jpg)

and steghide will tell you the maximum filze size!

With the command

steghide extract -sf picture.jpg

you get all your data back, just enter your password and the hidden file will be stored in the same folder as the picture…

Update: If this howto is not working for you, you probably have to use sudo in front of all commands! Or sudo -i as the first command, so you get sudo(admin)-rights for everything you enter in this terminal…

One Response to Steganography and Linux: A short steghide howto

  1. Leafman says:

    Yeah, the sudo should only be for ubuntu users though🙂

    Btw you can end either embed/extract command with -p *Password here* so you won’t have to enter the paswword twice.

    Nice howto🙂
    *German roots ftw lol

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: