Getting started with Steganography using Steghide
Steghide is a data hiding tool that allows you to hide data in various kinds of supported picture and audio files. Features include the compression of the embedded data, encryption of the embedded data and automatic integrity checking using a checksum. Steghide Supports JPEG and BMP for images and WAV and AU files for audio.
Steghide also allows any file format for the cover file. This is great because it doesn’t matter what data we want to hide, Steghide has got us covered.
In this example, I am going to be hiding the README. license file that is included with the parrot OS operating system into a picture.
We can do this by running the command:
steghide embed -cf picture.jpg -ef README.license
It then asks you for the password you would like to use. ensure that this is a strong password that you don’t forget, because if you forget your password then you will not be able to recover the data you embedded into the image.
This is where all the magic happens, you will have a new picture with the embedded text file. I have put a copy of the new picture and old picture below so you can see the difference between the picture that has got the embedded text in and the one that doesn’t.
Original picture is on the left and the embedded picture is on the right.
As you can see from the two pictures, they are identical to the eye, but when we have a look at the two pictures file sizes. it’s a completely different story. As you can see from the picture below, the file size of the embedded picture is more than double the amount of memory than the original picture.
To be able to decode the picture and obtain the data that has been hidden inside it, we need to use the same tool we used to embed the data into the image. (Note if you still have a copy of the data you embedded into the picture in the same directory, steghide will ask you if you would like to override the data) This is simply done by running the command:
steghide extract -sf QuickTimeTech.jpg
As you can see from the picture above, steghide decoded the data we embedded into the picture. We can decode the data as many times as we want from the embedded picture, as it stays embedded with the data even after we have extracted a copy.
Don’t forget this method can be used to hide any type of file you want inside of an image or audio file.