- Introduction to Steganography -


Scenario


  • There is a spy in your midst! You have discovered that one of your colleagues is a spy but you do not know who it is... All you know is that they communicate with their handle through pictures that have a hidden message. In order to conceal their secret communication they have hidden a message in a picture. However, they are smart and cunning spies, thus they have multiple pictures that look the same, but only one picture has the message.

Mission


  • Your mission is to scan all the files and find the picture that the handler is sending to the spy that is in our midst!
  1. Begin by extracting the files from the provided archive which can also be found here.
  2. You can use the following linux commands
    • strings <filename>, where you can substitute one of the picture file names that were in the archive.
    • Read the man page to figure out what the strings command does.
    • You are looking for a string that is unusually long.
    • Once you find that string you are done with the first hint of your forensics analysis.
  3. The found string is a hash string.
    • What is a hash? A hash is an irreversible mathematical function that is commonly used to "scramble", i.e., encrypt, passwords and store them securely. It is also used to check the integrity of data. If a file has been tampered, its hash string will be different than the original.
    • What is a hash string? A hash string is a result of a hash, it is really a set of characters that correspond to the specific file or password and only that file or password, none else!
    • You can generate hash strings using the linux command: sha1sum <filename>, where you can substitute one of the picture file names that were in the archive.
    • Every file has a different hash string because it has been tampered with, even though all files look that the same picture!
    • Only one hash corresponds to the file that has the secret that we are looking for.
  4. Download the picture in your desktop and open it with your favorite image processing tool
    • The secret message is hidden somewhere in the picture
    • Only the very observative people with strong eyes can find it