INTRO

Do you keep worried about your privacy? there are lots of things that you are supposed to keep on your computer and cant show it to anyone else. we are not just talking about some password here.  For example, ssh keys, well you can’t remember a private ssh key, can you? if you are a developer/programmer then you must know about API keys. sometimes we have a situation where we need to store API keys in our PC. that’s where the problem starts, there are chances that your annoying siblings or friends see those secrets that you are not supposed to hide from them.

In this article, we will try to hide data in a text file with a not so famous tool. we will try to make data as hidden as possible. with this tool, you will be able to hide your ssh keys, API keys,  passwords and other stuff too. but it is required for the data to be in text (ASCII) form. this article is going to be short and simple.

 

ATTACK

So, the tool name is Stegsnow. it is also known as white space steganography program. Stegsnow is a program for concealing messages in text files by appending tabs and spaces on the end of lines, and for extracting messages from files contain‐
ing hidden messages. Tabs and spaces are invisible to most text viewers, hence the steganographic nature of this encoding scheme.

The data is concealed in the text file by appending sequences of up to 7 spaces, interspersed with tabs. This usually allows 3 bits to be stored every 8 col‐
umns. An alternative encoding scheme, using alternating spaces and tabs to represent zeroes and ones, was rejected because, although it used fewer bytes, it
required more columns per bit (4.5 vs 2.67).

The start of the data is indicated by an appended tab character, which allows the insertion of mail and news headers without corrupting the data.

Stegsnow provides rudimentary compression, using Huffman tables optimised for English text. However, if the data is not text, or if there is a lot of data, the use of the built-in compression is not recommended, since an external compression program such as compress or gzip will do a much better job. Encryption is also provided, using the ICE encryption algorithm in 1-bit cipher-feedback (CFB) mode. Because of ICE’s arbitrary key size, passwords of any
length up to 1170 characters are supported (since only 7 bits of each character are used, keys up to 1024-bytes are supported).

But it doesn’t come pre-installed in Kali Linux. You can install it with the aptitude package manager. Type this command:

sudo apt install stegsnow

Screenshot:


I have already installed it which is causing this result.

let’s see the help menu with --help flag. Type this command:

stegsnow --help

Screenshot:

First, let’s hide a message in a text file. for the demonstration, I have created a text file which contains some text names.

Screenshot:

So, now we want to hide some message in this file. to do that, type this command:

stegsnow -C -m "This is a Hidden Text" -p "1234" dos.txt newdos.txt

Screenshot:

The -C flag is to compressing data. It will also be used in extracting data. -m is to define the message that supposed to be encrypted. -p is for the password. now the important thing is we have specified two file names. first one is the original file. and the second one the output file which will be created using the first file. the second file will have our hidden text.

Now let’s take a look at the newdos.txt with nano. Type this command:

nano newdos.txt

Screenshot:

the file has something in red colour. but we can’t read it. but you can try to read it with hex. type this command:

hexdump newdos.txt

Screenshot:

It seems that everything is written with hex 20 which is space and hex 09 which is a horizontal line.

Now to decrypt the file, you will need to use Stegsnow tool again with your given password. type this command:

stegsnow -C -p '1234' newdos.txt

Screenshot:

And we have our hidden text back.

Note that the tool doesn’t popup any input for the password. all we can use is -p which seems pretty unsecured. because whenever we write commands the bash or zsh history gets saved in a file in the home folder. you can use sh if you don’t want your password to be saved in a bash_history file.

 

 

Thanks For Visiting.

LEAVE A REPLY

Please enter your comment!
Please enter your name here