How to hide files inside images in Linux
Today, we are going to see how to hide files inside images in Unix-like operating systems. But, why would we want to do that? Simple, just for added security. This is what we call Steganography in other term. Steganography is a process of hiding a file, an image, a video, a text inside another file. As mentioned in Wikipedia, Steganography is the combination of two Greek words, steganos which means “covered, concealed, or protected”, and graphein which means “writing”. The sources said that this method was first followed by Histiaeus, an ancient Greek king, back in 440BC. He shaved his most trusted servant’s head, and marked the secret message onto his head. After the hair had regrown, he sent that servant to one of his Vassal to convey the message that has some information about the upcoming attack to Greece. Now, in the modern age, Steganography has been evolved, much improved and widely used to send and receive digital secret messages by concealing them into another files. For more details about Steganography, refer this link.
Let us now skip the theory and dive into the practical part. As the title says we are going to hide files inside images in Linux, with and/or without help of an additional software. First, we will see how to do it without any additional software’s help.
Steganography is a vast topic. This tutorial only covers how to hide files inside images, which is the core concept of Steganography. Please do not blindly assume that this can’t be broken by any security experts. The method described here is very very basic, so even an intermediate security professional can easily break it in couple hours. This steps described below is purely for educational purpose. Neither me, nor this website is not responsible for any kind of malpractice.
Hide files inside images in Linux without using any additional software
This method doesn’t require any additional software. Just a basic Linux command line skill is enough.
Let me explain first how exactly I am going to do this trick.
I have one image file, let us call it as test.jpg, and a directory called sk. Inside this directory, there is a file called message.txt. This text file contains the secret message. You can place any number of files you want to hide inside this directory. Then, I am going to compress the directory sk and save it as secret.zip to make it as single file. Finally, I will concatenate the zip file (secret.zip) and image file (test.jpg) using cat command, and save it as ostechnix.jpg.
To put things more clearly,
- test.jpg – A random image file
- sk – The directory that contains all secret files.
- secret.zip – Archive of sk directory.
- ostechnix.jpg – The output image file that contains both secret.zip and test.jpg.
Step 1: Put the image file, and the directory in one folder. I have put them in a folder called “Stegnography”.
Step 2: Move all files you want to hide inside the folder “sk”. Then, compress this folder and save it as “secret.zip”. To compress the folder, right click on it, and select compress.
Step 3: Next open the Terminal. Go to the location where you have zip and image files (In our case it is Steganography). Finally, concatenate the secret.zip and test.jpg files, and save them as ostechnix.jpg using cat command.
cat test.jpg secret.zip > ostechnix.jpg
That’s it. We have now hidden the secret files inside ostechnix.jpg. It is the important file. Just delete all other files except ostechnix.jpg.
The ostechnix.jpg will look like an ordinary file, and anyone can view it using any image viewer application. But, they may not know this file has some confidential file in it.
To view the hidden files inside the image file ostechnix.jpg, just uncompress it using the following command as shown below.
unzip -t ostechnix.jpg
Archive: ostechnix.jpg warning [ostechnix.jpg]: 29890 extra bytes at beginning or within zipfile (attempting to process anyway) creating: sk/ extracting: sk/message.txt
As you see in the above output, the directory sk that has secret files inside has been extracted. Now, go back to the folder and check the contents. You will see all the files in there. Very simple isn’t it? Of course, this is very simple Steganography method. Like I said already, Steganpgraphy is a vast topic, I just have covered the basic concept. The one big drawback of using this method is we can’t extract any password protected zip files.
Now, we will see how to do the same with the help of a software called Steg.
Hide files inside images in Linux using Steg
Steg is a simple, cross platform, and graphical tool, written using C++ programming language. It is a portable software, so just download it, carry it anywhere and start using it in no-time, regardless of any operating system you use. Steg supports JPEG, JPG, TIFF, PNG, and BMP image formats. It uses Steganography and Cryptography techniques to hide data inside compressed or uncompressed images. Unlike the above method, we can hide information inside a password-protected image.
Let us now see how to use it.
Click on the following link to download the Steg application. It is available for both 32 and 64 bit architectures.
Or, Just use the following command to download it depending upon the architecture you use.
For 64 bit:
For 32 bit:
After downloading, extract it using command:
tar -xvzf steg-v220.127.116.11-linux64.tgz
Go to Steg directory:
And, type the following command to run it.
Click Yes to accept the license agreement.
Click Ok to continue.
This is how Steg application default interface looks like.
Now, let us hide some data inside an image.
To do that, go to File -> Open generic image or Open JPEG image. Make sure you have chosen a big size image to store more data inside of it. The bigger image you choose, the more you can save inside the image.
After you open the image, the original image and modified image (output image) will be shown in left and right panels respectively. Also, It displays the available size to store data inside the image in the bottom right corner.
Now, go to Hide -> Hide Data from the top menu bar. Select the file you want to hide. Make sure the file you selected is smaller than the available space in the modified image. After adding the data, you will see a confirmation dialog box that says: Data successfully hidden.
Here comes the important part. You can choose different encryption modes.
- Auto: Data will be encrypted, but you there is no PassPhrase or keys will be required to extract data.
- Symmetric: You have to give a PassPhrase to encrypt the data, and the recipient will need the same PassPhrase to extract it.
- Asymmetric unsigned: when you want to hide data (you are the sender) only the receiver’s public key is required. When you want to extract data (you are the receiver) only your private key is required.
- Asymmetric signed: when you want to hide data (you are the sender) the receiver’s public key and your private key are required. When you want to extract data (you are the receiver) only your private key is required but the sender’s public key is requested. If you don’t provide the sender’s public key, at the end of the extraction process, you will be warned that the sender identity is not verified. If you provide the sender’s public key you will be informed if sign verification is succeeded.
You can choose any cryptography methods of your choice.
To choose a specific cryptography method, go to Edit -> Configuration from the menu bar. The default cryptography method is auto. Also, you can embed some messages on the file if you want to.
Once everything is ok, click the Save button on the tool bar, and save it in any location you prefer.
Success! The image data is encrypted inside the image. This image will look like a regular image. You can view it using any image viewer application.
To extract the hidden data, just open the encrypted image in Steg application. To do so, go to Extract -> Extract data from the menu bar.
Select the location where you want to save your data. Done!
That’s it. You will now be able to view the data.
As you can see, this is extremely easy to follow and doesn’t require any special skills. Just open an image, hide some confidential data, and pass it along.
For more details about Steg, check the official website.
Hope this helps. If you find this guide useful, please share it on your social, professional networks and support OSTechNix. We will be posting more useful guides in the days to come. Keep visiting.
Thanks for stopping by!
How can I benefit from this blog:
- Subscribe to our Email Newsletter : Sign Up Now
- Download free E-Books and Videos : OSTechNix on TradePub
- Connect with us: Facebook | Twitter | Google Plus | LinkedIn | RSS feeds
Have a Good day!!