Lab 16
Image Steganography Using QuickStsgo
QnickStego hides text in pictures so that only other users of OnickStego can retrieve and read the hidden secret messages.
Lab Scenario
Porn sites are tilled with images that sometimes change multiple times each day, require authentication in some cases to access their "better" areas of content, and by using stenograpluc techniques, would allow an agent to retrieve messages from their home bases and send back updates, all in porn trading. Thumbnails could be scanned to find out if there are any new messages for die day; once decrypted, these messages would point to links on die same site with the remaining information encrypted.
Terrorists know that so many different types of files can hold all sorts of hidden information, and tracking or finding these files can be an almost impossible task. These messages can be placed in plain sight, and the servers that supply these files will never know it. Finding these messages is like finding the proverbial "needle" in the World Wide Web haystack.
in order to be an expert an etlucal hacker and penetration tester, you must understand how to lude the text inside the image. in tliis lab, we show how text is hidden inside an image using the QuickStego tool.
Lab Objectives
The objective of tins lab is to help the smdents learn how to hide secret text
messages in an image.
Lab Environment
To perform the lab, you need:
■ A computer ninning Windows Server 2012
■ Administrative privileges to install and run tools
■ QuickStego is located at D:\CEH-Tools\CEHv8 Module 05 System Hacking\Steganography\lmage Steganography\QuickStego
■ You can also download Quick Stego tool from http: / /quickc1Tpto.com/ H־ee-steganog1־aphv-soitware.html
■ II you decided to download latest version screenshots may differ
■ Run diis tool 111 Windows Server 2012
Lab Duration
Time: 10 Minutes
Overview of Steganography
Steganography is the art and science of writing hidden messages in such a way diat no one, apart from the sender and intended recipient, suspects the existence of die message, a form of security through obscurity. Steganography includes die concealment of information within computer hies. in digital steganography, electronic communications may include stenographic coding inside of a transport layer, such as a document tile, image file, program, or protocol.
Lab Tasks
The basic idea in diis section is to:
1. Follow die wizard-driven installation steps to install Quick Stego
2. Launch Quick Stego from Start menu apps
 |
| FIGURE 16.1: Main window of the QuickStego |
 |
| FIGURE 16.2: Opening the image |
4. Browse the image from D:\CEH-Tools\CEHv8 Module 05 System Hacking\Steganography\lmage Steganography\QuickStego.
5. Select lamborgini_5.jpg. and then click the Open button.
 |
| FIGURE 16.3: Selecting die image |
 |
| FIGURE 16.4: Selected image is displayed |
 |
| FIGURE 16.5: Selected text file |
9. Select Text F11e.txt tile, and then click the Open button.
 |
| FIGURE 16.6: Selecting tlie text file |
10. The selected text will be added; click Hide Text 111 the Steganography dialog box.
11. It shows the following message: The text me ssa g e is now hidden in image.
 |
| FIGURE 16.7: Hiding the test |
 |
| FIGURE 16.8: Save the steganography image |
13. Provide the tile name as stego, and click Save (to save tins file on the desktop).
 |
| FIGURE 16.9: Browse for saved file |
15. Browse the Stego file (which is saved on desktop).
16. The hidden text inside the image will appear as displayed in the following figure.
 |
| FIGURE 16.10: Hidden text is showed |
Lab Analysis
Analyze and document the results related to the lab exercise. Give your opinion on your target’s security posture and exposure.
Không có nhận xét nào:
Đăng nhận xét