Poor Man’s Steganography

Today I have learned a new trick. You can do very basic pseudo-stegonography by simply using winrar and the rudimentary windows copy command. If you are to lazy to click on a link, let me show you how:

First let’s create ourselves a file containing a secret message:

echo this is a secret message > secret.txt

Let’s find a suitable image to hide our text. I picked this monkey picture for our sample:


There is a very easy way to concatenate files in windows using the copy command. This is what we are going to use to hide our info. Your first instinct may be to do this:

copy /b monkey.jpg secret.txt new_monkey.jpg

This will produce a perfectly viewable image that will contain your text. The text file is simply appended to the end of the jpeg data. Neat part is that most programs out there will completely ignore this tacked on data. So you effectively embedded text in an image. This is cool, and everything but there is no easy way to extract your message from the image.

How do we get around this? It’s simple: compress your text file using winrar, or winzip first, and then concatenate:

copy /b monkey.jpg secret.rar new_monkey.jpg

Part two of this trick, is the fact that WinRar and many other compression apps will completely ignore the jpeg data that precedes the archive. You can take the image, and unrar it just like a normal archive. Please, go ahead and save this monkey pic and try extracting it with winrar. I promise you that it will work:

New Monkey

This is a cool trick to share with your friends and etc. The hidden files are somewhat obfuscated, and yet readily accessible if you know where to look for them. How good is this method at concealing the message? Let’s take a look:

Inside the File

As you can see in the picture above, the text is still plainly visible inside of the file. If I had used a longer text, the compression would probably scramble it a little bit, but it could still be recovered easily. This is more or less a pseudo stego exercise. If you really want to hide something, simple concatenation is not going to cut it.

First you will likely need encryption. Hiding things in plain sight is neat as a concept, but if you embed plaintext files into images, they will be easily detected. You will also need scatter your information throughout the whole image. Concatenation does not work, because it puts the hidden data in one place, where it can be easily isolated and attacked. You want to evenly distribute you payload throughout the host file so that it appears like random noise.

Of course there is no easy way to do this type of stuff. You usually need to hack up your own stego-encoder, or grab one of the existing stego apps on the maket. I recommend a nifty free tool wbstego to do the task.

For example, the monkey picture below, also contains the hidden text:

Stego Monkey

The data is encrypted with Blowfish cipher. See if you can crack it. Btw, if you download wbstego the password for the bitmap above is terminally-incoherent.

[tags]steganography, monkey, encryption, security, lifehacker, concatenation, winrar, copy[/tags]

This entry was posted in technology and tagged . Bookmark the permalink.

4 Responses to Poor Man’s Steganography

  1. Chrissy UNITED STATES Mozilla Firefox Mac OS says:

    For the first image, I was able to see the secret message by opening the photo in TextEdit (Mac)

    Reply  |  Quote
  2. Luke UNITED STATES Mozilla Firefox Ubuntu Linux says:

    You can also use windows Notepad or any text ediror for that matter. :) I picked a hex editor, cause it looks more awesome on a screenshot. :mrgreen:

    My point was there is no easy way to separate these two files. At least not compared to the zipped method where you can just extract the textfile from the image.

    Reply  |  Quote
  3. The encoder BELGIUM Mozilla Firefox Mac OS says:

    This method explained in the video is much better and far easier:


    Reply  |  Quote
  4. Luke UNITED STATES Mozilla Firefox Windows says:

    I think they actually might be using the same technique I presented above to do this though… :)

    Reply  |  Quote

Leave a Reply

Your email address will not be published. Required fields are marked *