Saturday, 18 April 2020

Steganography

(Steganography: Lesson 1)

{ Using Quick Stego to Embed Secret Messages Into Pictures }

Section 0: Background Information
  1. What is the story?
    • Have you ever heard those sci-fi stories where spies or whoever hide secret messages inside of pictures?  Well, this lesson illustrates how easy it is to hide secret messages inside of a picture.
  2. What is Steganography?
    • Steganography is the science of writing hidden messages in such a way that no one apart from the sender and intended recipient even realizes there is a hidden message.
  3. What is QuickStego?
    • QuickStego lets you hide text in pictures so that only other users of QuickStego can retrieve and read the hidden secret messages. Once text is hidden in an image, the saved picture is still a 'picture': it will load just like any other image and appear as it did before. The image can be saved, emailed, or uploaded to the web; the only difference will be that it contains hidden text.
    • http://quickcrypto.com/free-steganography-software.html
  4. What is MD5SUMS?
    • MD5sums calculates the MD5 message digest for one or more files (includes a percent done display for large files). By comparing the MD5 digest of a file to a value supplied by the original sender, you can make sure that files you download are free from damage and tampering.
    • http://www.pc-tools.net/win32/md5sums/
  5. Pre-Requisite
  6. Lab Notes
    • In this lab we will do the following:
      1. Power on Damn Vulnerable WXP-SP2
      2. Install Quick Stego
      3. Install MD5SUMS
      4. Hide Message
      5. View Byte Size of files
      6. View MD5 checksum of the files
  7. Legal Disclaimer
    • As a condition of your use of this Web site, you warrant to computersecuritystudent.com that you will not use this Web site for any purpose that is unlawful or that is prohibited by these terms, conditions, and notices.
    • In accordance with UCC § 2-316, this product is provided with "no warranties, either express or implied." The information contained is provided "as-is", with "no guarantee of merchantability."
    • In addition, this is a teaching website that does not condone malicious behavior of any kind.
    • You are on notice, that continuing and/or using this lab outside your "own" test environment is considered malicious and is against the law.
    • © 2013 No content replication of any kind is allowed without express written permission.

Section 1: Log into Damn Vulnerable WXP-SP2
  1. Open VMware Player on your windows machine.
    • Instructions:
      1. Click the Start Button
      2. Type "vmware player" in the search box
      3. Click on VMware Player
  2. Edit Virtual Machine Settings
    • Instructions:
      1. Click on Damn Vulnerable WXP-SP2
      2. Edit Virtual Machine Settings
    • Note:
      • Before beginning a lesson it is necessary to check the following VM settings.
  3. Set Network Adapter
    • Instructions:
      1. Click on Network Adapter
      2. Click on the radio button "Bridged: Connected directly to the physical network".
      3. Click the OK Button
  4. Start Up Damn Vulnerable WXP-SP2.
    • Instructions:
      1. Start Up your VMware Player
      2. Play virtual machine
  5. Logging into Damn Vulnerable WXP-SP2.
    • Instructions:
      1. Click on Administrator
      2. Password: Supply Password
        •  (See Note)
      3. Press <Enter> or Click the Arrow
    • Note(FYI):
      1. Password was created in (Lab 1, Section 1, Step 8)
  6. Open the Command Prompt
    • Instructions:
      1. Click the Start Button
      2. All Programs --> Accessories --> Command Prompt
  7. Obtain Damn Vulnerable WXP-SP2's IP Address
    • Instructions:
      1. ipconfig
      2. Record Your IP Address
    • Note(FYI):
      • In my case, Damn Vulnerable WXP-SP2's IP Address is 192.168.1.116.
Section 2: Download Quick Stego
  1. Open Firefox
    • Instructions:
      1. Click the Start Button
      2. All Programs --> Mozilla Firefox
  2. Download Stego
  3. Select Download Directory
    • Instructions:
      1. Navigate to the below directory
        • Desktop --> My Documents --> Downloads
      2. Click the Save button
Section 3: Install Quick Stego
  1. Open Containing Folder
    • Instructions:
      1. Tools --> Downloads
      2. Right Click on QS12Setup.zip
      3. Click on Open Containing Folder
  2. Open Stego Zip File
    • Instructions:
      1. Right Click on QS12Setup.zip
      2. Click on Open
  3. Open Stego Executable
    • Instructions:
      1. Right Click on QS12Setup.exe
      2. Click on Open
  4. File Download - Security Warning
    • Instructions:
      1. Click the Run Button
  5. Setup - Quick Stego
    • Instructions:
      1. Click on the Next button
  6. License Agreement
    • Instructions:
      1. Select I accept the agreement radio button
      2. Click on the Next button
  7. Select a Destination
    • Instructions:
      1. Accept the Default Destination Location
      2. Click on the Next button
  8. Select Additional Tasks
    • Instructions:
      1. Check the Create a Desktop Icon checkbox
      2. Check the Create a Quick Launch Icon checkbox
      3. Click on the Next Button
  9. Ready to Install
    • Instructions:
      1. Click the Install Button
  10. Complete Installation
    • Instructions:
      1. Click the Finish Button
Section 4: Create STEGO Directory
  1. Open the Command Prompt
    • Instructions:
      1. Click the Start Button
      2. All Programs --> Accessories --> Command Prompt
  2. Create STEGO Directory
    • Instructions:
      1. mkdir "C:\STEGO"
      2. dir "C:\" | findstr STEGO
    • Note(FYI):
      1. mkdir, make a directory.  In this case, create a STEGO directory directly under the C Drive.
      2. dir "C:\", list all the directories and files directly under the C Drive.  Then use findstr to list only files and/or directories that contain the string STEGO.

Section 5: Download MD5SUMS-1.2
  1. Download md5sums-1.2
    • Instructions:
      1. Navigate to the following URL.
        • http://www.pc-tools.net/files/win32/freeware/md5sums-1.2.zip
      2. Click the Save File Radio Button
      3. Click the OK Button
  2. Choose Destination Location
    • Instructions:
      1. Navigate to the following destination directory
        • C:\STEGO
      2. Click the Save Button
  3. Open Containing Folder
    • Instructions:
      1. Tools --> Downloads
      2. Right Click on md5sums-1.2.zip
      3. Click on Open Containing Folder
  4. Extract md5sums-1.2.zip
    • Instructions:
      1. Right Click on md5sums-1.2.zip
      2. Select 7-Zip --> Extract Here
  5. View Results
    • Instructions:
      1. You should see md5sums.exe in the C:\STEGO directory
    • Note(FYI):
      1. We will use md5sums.exe later on in the lesson to compare two images that are exactly alike, except one of the images will have a hidden message.
Section 6: Download Picture
  1. Download Trojan Horse Picture
    • Instructions:
      1. Place the following address in your Firefox browser
        • http://www.computersecuritystudent.com/FORENSICS/Steganography/lesson1/index.44.jpg
      2. Right Click on the picture
      3. Select Save Image As...
  2. Save As horse.jpg
    • Instructions:
      1. Navigate to the following directory
        • C:\STEGO
      2. Name the file "horse.jpg"
        • Make sure you add the .jpg extension.
      3. Click the Save button.

Section 7: Run Quick Stego
  1. Run Quick Stego
    • Instructions:
      1. Click the Start Button
      2. All Programs --> Quick Stego
  2. Open Image
    • Instructions:
      1. Click on the Open Image button
  3. Open Horse Image
    • Instructions:
      1. Navigate to the C:\STEGO Directory
      2. Select the horse.jpg image
      3. Click the Open button
  4. Hide Text
    • Instructions:
      1. Supply your Hidden Message.  My hidden message is below.  (See Picture)
        • Will the Houston Texans ever play in a SuperBowl?
      2. Click the Hide Text Button
      3. Notice the message stating "The text message is now hidden in the image".
  5. Save Image
    • Instructions:
      1. Click the Save Image button
      2. Navigate to the C:\STEGO directory
      3. File name: horse_secret.jpg
        • Make sure you include the .jpg extension.
      4. Click the Save button

Section 8: Proof of Lab
  1. Open the Command Prompt
    • Instructions:
      1. Click the Start Button
      2. All Programs --> Accessories --> Command Prompt
  2. Proof of Lab
    • Instructions:
      1. cd C:\STEGO
      2. dir *.jpg
        • Notice that horse_secret.jpg is 800,000+ bytes larger than horse.jpg.
      3. md5sums.exe *.jpg
        • Notice that although the pictures look exactly the same, their MD5 hashes are different.
      4. date /t
      5. echo "Your Name"
        • Replace the string "Your Name" with your actual name.
        • e.g., echo "John Gray"
    • Proof of Lab Instructions
      1. Press the <Ctrl> and <Alt> keys at the same time.
      2. Press the <PrtScn> key.
      3. Paste into a word document
      4. Upload to Moodle
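
The comparison in Section 8, Step 2 can be reproduced in a few lines to show why a visual check fails where a hash check succeeds. This is an added example, not part of the original lab or of QuickStego: it assumes generic least-significant-bit (LSB) embedding, which is not QuickStego's documented method, and the names embed_lsb, extract_lsb, compare and the COVER buffer are constructed for illustration.

```python
import hashlib

def embed_lsb(cover: bytes, message: bytes) -> bytes:
    """Write each message bit into the lowest bit of one cover byte.
    Generic LSB technique, assumed here; not QuickStego's algorithm."""
    bits = [(byte >> i) & 1 for byte in message for i in range(7, -1, -1)]
    if len(bits) > len(cover):
        raise ValueError("cover too small for message")
    out = bytearray(cover)
    for i, bit in enumerate(bits):
        out[i] = (out[i] & 0xFE) | bit
    return bytes(out)

def extract_lsb(stego: bytes, length: int) -> bytes:
    """Rebuild `length` message bytes from the lowest bit of each stego byte."""
    out = bytearray()
    for i in range(length):
        byte = 0
        for b in stego[i * 8:(i + 1) * 8]:
            byte = (byte << 1) | (b & 1)
        out.append(byte)
    return bytes(out)

def compare(original: bytes, suspect: bytes) -> dict:
    """The size and MD5 checks from Section 8, plus a byte-level diff."""
    deltas = [abs(a - b) for a, b in zip(original, suspect)]
    return {
        "size_delta": len(suspect) - len(original),
        "md5_original": hashlib.md5(original).hexdigest(),
        "md5_suspect": hashlib.md5(suspect).hexdigest(),
        "bytes_changed": sum(1 for d in deltas if d),
        "max_change": max(deltas, default=0),
    }

# Constructed sample: 1024 bytes standing in for raw pixel values.
COVER = bytes((i * 37 + 11) % 256 for i in range(1024))
SECRET = b"Will the Houston Texans ever play in a SuperBowl?"
STEGO = embed_lsb(COVER, SECRET)

if __name__ == "__main__":
    for key, value in compare(COVER, STEGO).items():
        print(f"{key}: {value}")
    print(extract_lsb(STEGO, len(SECRET)))
```

No byte moves by more than 1, which is invisible to the eye, yet the MD5 digests differ. The size delta is 0 in this sketch; the 800,000+ byte growth seen in the lab is specific to QuickStego's output and is not reproduced here.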