Steganography - How to hide Files behind Images..!

Overview:

Here, you are going to see :

• What is Steganography?
• Using Stegosploit.
• How to hide Files behind an Image?
• What is the Importance of Steganography in Hacking?
• How to prevent yourself from this attack?
• How can you extract Hidden files behind the Image?
• Some real time examples.
• And much more..

Introduction:

Before going forward to the trick, let me tell you what Steganography really is..!

Steganography is the practice of concealing a file, message, image, or video within another file, message, image, or video.

And now let me introduce you to Stegosploit.

The technique lets hackers hide malicious code inside the pixels of an image, hiding a malware exploit in plain sight to infect target victims.

Next time when someone sends you a photo of a cute cat or a hot chick than be careful before you click on the image to view — it might hack your machine.

Yes, the normal looking images could hack your computers — thanks to a technique discovered by security researcher Saumil Shah from India.

And yes, this is really true. A situation happened with me about 6 months ago. Here, we were asked to post a picture of cute cat on our facebook timeline and when you did, it blocked your facebook account. At that time, many people called it as a bug in facebook but was is really a malicious code or some abusive file hidden behind the image. If you want to get more details, search Google for it.

Just look at the Image and you are Hacked..! 

Shah demonstrated the technique during a talk titled, "Stegosploit: Hacking With Pictures," he gave on Thursday at the Amsterdam hacking conference Hack In The Box.

According to Shah, "a good exploit is one that is delivered in style."

Keeping this in mind, Shah discovered a way to hide malicious code directly into an image, rather than hiding it in email attachments, PDFs or other types of files that are typically used to deliver and spread malicious exploits.

To do so, Shah used Steganography — a technique of hiding messages and contents within a digital graphic image, making the messages impossible to spot with the naked eye.

Importance of Steganography:

There are various fields in which steganography is useful. Some of them are listed below:

• Hack into someone's PC.
• Share your secret documents with others Securely.
• Hide your any type of Files.
• Spread Virus over social media through an Image.
• And much more..

Here, my main aim to make you learn this is to hide your secret data. We all have secret files that we don’t want anyone to look at. Most common way of hiding important files was either creating a folder inside a folder or some people change the folder type to hidden. But both of these ways are not safe and anyone with little intelligent can easily find the folder you wish to hide.  Today I will show you how you can store a folder inside an image so that who ever wants to find your folder will have a really hard time finding it.

How to hide Documents inside a simple Image?

To do this a basic knowledge of command prompt is sufficient. Even if you don’t have it, I will make sure the steps are very easy for you to follow.

Step 1: First select an Image beneath which you want to hide you Secret data.

Step 2: Now, select the file you want to hide and convert it into .rar format using Winrar. (Compress the files you want to hide to .rar using Winrar Archiver.)

Step 3: Now paste both the files (the image and the rar you created) on the desktop.

Step 4: Now, open command prompt on your desktop. Follow these simple steps to open cmd on Desktop. 

• Press `windows key + R` and the enter cmd.
• Now, use command `cd desktop` and press enter.

CD stands for change directory. By typing the above mentioned command you redirect the directory to desktop.

Step 5: Now type : 

copy /b name.jpg + filename.rar image.jpg

• Replace name.jpg with the name of image you want your file to be hidden behind. Don’t forget to add image format like  .jpg,.png,.gif etc.
• Replace filename with the name of the file that you choose to hide (the rar file we created above). It must be in .rar format.
• Finally Replace image.jpg with the name you want. This will be the name of the final image that will be created like the image we selected but it will contain hidden files.

Step 6: The newly created image just looks like an image from all sides. But it will contain the files that you wanted to hide. You can confirm it seeing to the size of newly created image. It will be the sum of the size of image and the size of rar created.

How can we prevent ourselves?

As we saw that this trick/hack can be used for bad purposes too, it becomes necessary for us to prevent ourselves from such attacks. This can be done by seeing to the size of any file before we open it.

Take the case of some Image. If the image contains some malicious application, the image size would increase as the size of malicious file is added to the original size of image.

However, this method doesn't always help us to prevent ourselves. But it works good..! But we can perform reverse engineering to protect ourself. The method is given below.

How to Extract hidden files from the Image?

So now, let us see how to reverse the task we performed earlier. The steps are very simple.

Step 1: Change the type of the image to .rar from .jpg or .png or any other.

Step 2: Now, use Winrar to extract the contents of this rar created. Many a times, this step doesn't work. If this step doesn't work, follow the next step.

OR

Step 2: Install 7-zip archive on your PC and then try to extract the rar created in step 1.

If there are any queries in this process, post it in the comment box provided below.