Steganography

Steganography

Steganography is the practice of hiding a message inside of (or even on top of) something that is not secret.

The steganography has the double mission to hide and to deceive.

Of course not only messages can be hidden but also malware scripts.

Snow

There are a lot of tools that can hide things in images, files, and so on.

Snow is one of these.

Snow stands for Steganographic Nature Of Whitespace .

SNOW is a whitespace steganography tool that is used to embed hidden messages in ASCII format by extending the whitespace to the end of lines. This is done because the white spaces and tabs are not visible in text format to the viewers, thus making the messages hidden from the casual audience. The hidden messages are not available even if the built-in encryption is used to detect the message.

Snow is intended to be used with Windows. The Linux version is stegsnow.

To hide a message in a file (let’s say readme2.txt) using the content of an existing file (let’s say readme.txt):

stegsnow -C -m "super secret message" -p "passwordtousetodecodemessage" originalfile.txt filewithhiddenmessage.txt 

For instance

root@kali:~# stegsnow -C -m "CIAO MAMMA guarda come mi diverto" -p "magic" readme.txt readme2.txt 
Compressed by 30.30%
Message exceeded available space by approximately 776.19%.
An extra 6 lines were added.

where in readme.txt there is a generic content.

After the command the readme2.txt will contain the content of readme.txt plus soma extra spaces and tab.

To decode the content of readme2.txt:

stegsnow -C -p "passwordtousetodecodemessage" filewithhiddenmessage.txt 

For instance:

root@kali:~# stegsnow -C -p "magic" readme2.txt 
CIAO MAMMA guarda come mi diverto