{"id":357,"date":"2015-10-19T20:27:00","date_gmt":"2015-10-19T12:27:00","guid":{"rendered":"http:\/\/note.systw.net\/note\/?p=357"},"modified":"2023-10-30T20:33:50","modified_gmt":"2023-10-30T12:33:50","slug":"steganography","status":"publish","type":"post","link":"https:\/\/systw.net\/note\/archives\/357","title":{"rendered":"Steganography"},"content":{"rendered":"\n

Steganography Techniques <\/strong><\/h2>\n\n\n\n

Steganography<\/strong>
hiding information within other file like pictures,audio,text,…etc<\/p>\n\n\n\n

Classification of steganography<\/strong>
technical: using physical or chemical means to hide the existence of a message
linguistic: utilizing natural language to hide the message<\/p>\n\n\n\n

Technical steganography<\/strong>
invisible ink
microdots
computer-based methods<\/p>\n\n\n\n

Linguistic steganography<\/strong>
semagrams: utilizing visual symbols or signs to hide secret messages
open codes: utilizing a designed pattern on the document to hides the secret message<\/p>\n\n\n\n

…<\/p>\n\n\n\n

Semagrams<\/strong>

visual semagrams:<\/strong> using innocent-looking or everyday physical objects to convey a message
ex:
symbols, doodles or the positioning of items on a desk or Website
text semagrams:<\/strong> hides a message by modifying the appearance of the carrier text
ex:
subtle changes in font size or type, adding extra spaces, or different flourishes in letters or handwritten text.<\/p>\n\n\n\n

…<\/p>\n\n\n\n

Open codes<\/strong> <\/p>\n\n\n\n

jargon code<\/strong>: using a language that a group of people can understand
ex:
define: eat=email to, cow=raymond
message: eat cow
plaintext: email to raymond
covered ciphers<\/strong>: the message is hidden openly in the carrier medium
\u3000null ciphers
\u3000grille ciphers<\/p>\n\n\n\n

 <\/strong>
null ciphers<\/strong>:
plaintext is mixed with a large amount of material
ex:
key: 1,2,3,1,2,3,1,2,3,1,2 [each letter in each word]
message: Susan sAys GaIl Lies. MAtt leTs Susan fEel joVial. Elated (or) aNgry?
plaintext: Sail at seven.<\/p>\n\n\n\n

grille ciphers<\/strong>:
looking plaintext by cutting holes in a piece of paper with a large amount of maerial<\/p>\n\n\n\n


refer
www.garykessler.net\/library\/fsc_stego.html
https:\/\/en.wikipedia.org\/wiki\/Null_cipher<\/p>\n\n\n\n

……………………………………………………………………………………….<\/p>\n\n\n\n

Common type of steganography<\/strong>
image steganography
document steganography
audio steganography: it is hard to find secret message
video steganography: it is hard to find secret message<\/p>\n\n\n\n

Audio steganography method<\/strong>
echo data hiding
spread spectrum method
Low Bit encoding
Phase coding<\/p>\n\n\n\n

…<\/p>\n\n\n\n

Common tool<\/strong>
Fort Knox
Blindside – \u5c07\u4efb\u4f55\u6a94\u6848\u85cf\u5728Bitmap
S-Tools
Steghide – \u58d3\u7e2e ,\u52a0\u5bc6,checksum
Digital Identity
Stegowatch – \u5075\u6e2c\u662f\u5426\u6709\u85cf\u8cc7\u6599
Image Hide – \u6a94\u6848\u5927\u5c0f\u4e0d\u6703\u6539\u8b8a
Mp3Stego – \u5c07\u8cc7\u6599\u85cf\u5728\u58d3\u7e2e\u7684mp3
snow – \u5c07\u8cc7\u6599\u85cf\u5728\u7a7a\u767d\u8655<\/p>\n\n\n\n

refer
http:\/\/wenku.baidu.com\/view\/da7fbcd0360cba1aa811da11.html?re=view<\/p>\n\n\n\n

…………………………………………………………………………………………………….<\/p>\n\n\n\n

Image Steganography<\/strong><\/h2>\n\n\n\n

BMP tool <\/strong><\/p>\n\n\n\n

tool: stool.exe<\/strong>
insert secret text in BMP by LSB
reveal:get secret<\/p>\n\n\n\n

ps:
orginal bmp and new bmp:size is same,hash is not same<\/p>\n\n\n\n


LSB\u6f14\u7b97\u6cd5<\/strong>
\u5927\u5c0f\u4e0d\u6703\u589e\u52a0,\u56e0\u70ba\u662f\u53d6\u4ee3\u5c11\u90e8\u4efd\u5b57\u5143
\u5e38\u7528\u5728BMP<\/p>\n\n\n\n

………………………. <\/p>\n\n\n\n

JPG tool<\/strong><\/p>\n\n\n\n

tool: jphide <\/strong> 
\u52a0\u5167\u5bb9\u9032jpeg by DCT
jphide.exe < secret file> < original file>
ex:
jpseek.exe xx.jpg
tool: jpseek <\/strong>
\u89e3\u5167\u5bb9from jpeg
jpseek.exe < new file> < secret file><\/p>\n\n\n\n

DCT<\/strong>(Discrete cosine transform,\u96e2\u6563\u9918\u5f26\u8b8a\u63db\uff09
a technique is used by JPEGs for compression<\/p>\n\n\n\n

ps:
orginal jpg and new jpg:size is not same<\/p>\n\n\n\n

…<\/p>\n\n\n\n

Detection tool<\/strong><\/p>\n\n\n\n

tool: stegdetect<\/strong>
\u5075\u6e2c\u6709\u6c92\u6709screat\u5728\u88e1\u9762
stegdetect [parameter] < file path>
ex:
stegdetect -t p xx.jpg
stegdetect *.jpg<\/p>\n\n\n\n

tool: stegbreak<\/strong>
\u7528\u5b57\u5178\u6a94\u89e3\u5bc6\u4e26\u8f38\u51fascreat
ex:
stegbreak -r rules.ini -f password.lst xx.jpg<\/p>\n\n\n\n

……………………………………………………………………..<\/p>\n\n\n\n

Image compression<\/strong>
lossy compression :\u7834\u58de\u6027\u8cc7\u6599\u58d3\u7e2e
lossless compression: \u975e\u7834\u58de\u6027\u8cc7\u6599\u58d3\u7e2e<\/p>\n\n\n\n

Image type<\/strong>
raster image<\/strong>: it is made of up pixels, each a different color, arranged to display an image.
ex: BMP,PNG,JPG
vector image:<\/strong> it is made up of paths, each with a mathematical formula (vector) that tells the path how it is shaped and what color it is bordered with or filled by.
ex:SVG
Metafile image<\/strong>: a formats containing both pixel and vector data
ex:EPS, PDF<\/p>\n\n\n\n

refer
https:\/\/www.psprint.com\/resources\/difference-between-raster-vector\/
https:\/\/en.wikipedia.org\/wiki\/Image_file_formats<\/p>\n\n\n\n


Common graph file<\/strong>
BMP – Microsoft Windows bitmap
DIB – Microsoft Windows Device Independent Bitmap
EPI – Adobe Encapsulated PostScript Interchange format
EPS – Adobe Encapsulated PostScript
GIF – CompuServe Graphics Interchange Format
JPC – JPEG-2000 Code Stream Syntax
JPEG – Joint Photographic Experts Group JFIF format
PCD – Photo CD
PCX – IBM PC Paintbrush file
PDB – Palm Database ImageViewer Format
PDF – Portable Document Format
PGM – Portable graymap format (gray scale)
PICT – Apple Macintosh QuickDraw\/PICT file
PNG – Portable Network Graphics
PSD – Adobe Photoshop bitmap file
SVG – Scalable Vector Graphics
TGA – Truevision Targa image
refer
http:\/\/www.online-utility.org\/image_converter.jsp<\/p>\n\n\n\n

…………………..<\/p>\n\n\n\n

GIF<\/strong>
8bit RGB bitmap image format
up to 256 distinct colors
lossless compression
refer
https:\/\/zh.wikipedia.org\/wiki\/GIF<\/p>\n\n\n\n

…<\/p>\n\n\n\n

BMP(Bitmap)<\/strong>
a Raster image
https:\/\/zh.wikipedia.org\/wiki\/BMP<\/p>\n\n\n\n

bitmap contains below<\/strong>
file header
color table\/RGBQUAD array:specifies the dimensions,compression type,color format,…etc
information header
image data
…<\/p>\n\n\n\n

JPG(Joint Photographic Experts Group)<\/strong>
\u4e00\u7a2e\u91dd\u5c0d\u76f8\u7247\u5f71\u50cf\u800c\u5ee3\u6cdb\u4f7f\u7528\u7684\u4e00\u7a2e\u5931\u771f\u58d3\u7e2e\u6a19\u6e96\u65b9\u6cd5
refer
https:\/\/zh.wikipedia.org\/wiki\/JPEG<\/p>\n","protected":false},"excerpt":{"rendered":"

Steganography Techniques  …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[11],"tags":[],"class_list":["post-357","post","type-post","status-publish","format-standard","hentry","category-forensics"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts\/357","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/comments?post=357"}],"version-history":[{"count":0,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts\/357\/revisions"}],"wp:attachment":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/media?parent=357"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/categories?post=357"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/tags?post=357"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}