Scribd
Upload
53 views22 pages

Lab - Steganography

Uploaded by

dzuluaga
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
53 views22 pages

Lab - Steganography

Uploaded by

dzuluaga
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 22

Steganography Lab

Steganography Lab
 Show simple examples of steganography

 Materials needed
 Kali Linux Machine

 Software Tools used


 zip command (Linux command)
 steghide (Linux program)
Objectives Covered
 Security+ Objectives (SY0-601)
 Objective 2.8 - Summarize the basics of
cryptographic concepts
 Steganography
 Image
What is Steganography?
 A type of obfuscation where the actual message does
not attract attention
 A message is embedded in an image
 TCP packets have message embedded inside them
 Watermarks that are invisible to the eye on the paper

This image has the


message “You may be
compromised, meet your
handler at headquarters”
embedded in it.
The Steganography Lab

 Setup Environment
 Embedded text (zip command)
 Embedded text (steghide app)
Setup Environment

 Log into your range


 Open the Kali Linux Environment
 You should be on your Kali Linux Desktop
Find Steganography Lab Files
 Click the Folder icon in the top left of Kali
 Then navigate to CourseFiles > Cybersecurity > steganography-
lab and select "Open Folder"
Embedded Text (zip Command)
Take a look at the images inside of this folder
 Open the images to see if you see any hidden
messages
 3 of the images have hidden messages
Embedded Text (zip Command)
Let’s discover the text hidden inside of the
panda_hanging.jpg image
 Open a terminal
 Navigate to the folder
cd CourseFiles/Cybersecurity/steganography-lab
 When inside the folder, unzip the image
unzip panda_hanging.jpg

Notice that a
TopSecret.txt file was
extracted from this image
Embedded Text (zip Command)
What does the TopSecret.txt file say?
 List all the files in the folder
ls
 Notice there is a TopSecret folder
 Navigate into this folder and list all the files
cd TopSecret Notice the hidden
ls message that was
embedded in the image
 Read the TopSecret.txt file
cat TopSecret.txt
Embedded Text (zip Command)
Your turn to hide a message in an image just like this one.
Create the message here:
 Navigate back to steganography-lab folder
cd ..
 Create and edit the text document
nano SekretMessage.txt
 Enter your secret message to be hidden
 Press CTRL+X, then Y, and ENTER to save
Embedded Text (zip Command)
Now, put the message in a zipped folder:
 Create a directory:
mkdir SekretMessage
 Move the message into the directory
mv SekretMessage.txt SekretMessage
 Zip the directory
zip -r SekretMessage.zip SekretMessage
 Remove the old directory
rm SekretMessage -rf
Embedded Text (zip Command)
Concatenate the zipped file with image1:
 Combine the files
cat image1.jpg SekretMessage.zip > berry.jpg
 Delete the old message
 rm SekretMessage.zip

Navigate to the berry.jpg file, notice it’s just an image of


a strawberry…
…or is it?
Embedded Text (zip Command)
Without unzipping the image, try to find the embedded
message inside the berry.jpg image:

 Now, unzip the file and find the hidden message


unzip berry.jpg
 Display the message
 cat SekretMessage/SekretMessage.txt
Embedded Text (zip Command)
Your turn: Hide your own message
 Create a text file (hidden message!)
 Put the text file into a folder
 Zip the folder (Recursively!)
 Concatenate the zipped folder and image2.jpg to hide
the message
 Delete the old files (except new image with hidden
message)
 Then have someone else discover the hidden message!
Embedded Text (steghide app)
This is already installed on the CYBER.ORG Range
 Install steghide:
sudo apt-get update
sudo apt-get install steghide
 Enter “y” when/if prompted
Embedded Text (steghide app)
 Once steghide is installed, discover the hidden
message inside of the giraffe image:
steghide extract -sf giraffe_tongue.jpg
 When prompted for a passphrase:
 Use “verytall” (without quotations)
 Display the hidden message
cat HiddenMessage.txt

Notice that this gives the


passphrase for the koala image.
Find the hidden message
embedded in the koala image
Embedded Text (steghide app)
 Let’s read the manual for steghide:
 man steghide
 Locate the following flags/options:
 -sf
 -ef
 -cf

What are the purpose of


these flags/options?
Embedded Text (steghide app)
 Create and edit the message
nano MessageToHide.txt
 Enter your secret message to be hidden
 Press CTRL+X, then Y, and ENTER to save
Embedded Text (steghide app)
 Embed the message inside of image3.jpg
steghide embed -ef MessageToHide.txt -cf image3.jpg
 Enter a password when prompted
 Re-enter to confirm the password
 Remove the old message
rm MessageToHide.txt
Embedded Text (steghide app)
 Try to find the embedded text without steghide
 Use steghide to find the message
steghide extract -sf image3.jpg
 Enter password when prompted
 Display the message
cat MessageToHide.txt
Embedded Text (steghide app)
Your turn: Hide your own message
 Create a text file (hidden message!)
 Hide the text file inside image4.jpg
 Remember the password!
 Delete the old message
 Have someone else try to discover the hidden
message!

You might also like