05/10/2021 Taran Sri Arangesh V

19BEC1204

CSE3501: Information Security Analysis and Audit - Lab

EXPERIMENT: 9
Steganography

1. AIM:
To understand and study Steganography using the different tools available
in Kali linux.

2. SOFTWARE USED:
Oracle VM virtual-machine, Kali Linux, Metaspoitable2 .

3. DESCRIPTION:

Kali Linux is a Debian-derived Linux distribution designed for digital

forensics and penetration testing. It is maintained and funded by Offensive
Security. It was developed by Mati Aharoni and Devon Kearns of Offensive
Security through the rewrite of BackTrack, their previous information security
testing Linux distribution based on Knoppix.

The easiest way to get a target machine is to use Metasploitable 2,

which is an intentionally vulnerable Ubuntu Linux virtual machine that is
designed for testing common vulnerabilities. This virtual machine (VM) is
compatible with VMWare, VirtualBox, and other common virtualization
platforms.

Steghide is a steganography program that is able to hide data in

various kinds of image- and audio-files. The color- respectively
samplefrequencies are not changed thus making the embedding resistant
against first-order statistical tests.

19BEC1204 – cse3501
1
4. Implementation:

 Open Oracle VM VirtualBox -> normal start Kali -> Enter username as ’root’
and the password given while installation -> Open Terminal emulator from the
task bar.
 Open Kali linux Terminal → install steghide using apt-get →using man syntax
we can see the instructions and syntax for steghide → create a new folder in
desktop “steganography” →inside the folder create index.jpeg file and nano
secret.txt file →in the secret.txt give input as 012345678910.

Steghide:

 Next of to embed the secret.txt into index.jpeg use steghide embed -ef
secret.txt -cf index.jpeg -sf outsteg.jpeg -z 7 -e none → enter the passphrase
for the image and execute the command →display both the index and
outsteg.txt file .

19BEC1204 – cse3501
2
19BEC1204 – cse3501
3
 Use md5 command to checksum for index.jpeg and outsteg.jpeg→ We can
also use the sha1 and sha256 checksum and the command used is sha1sum
index.jpeg and sha1sum outsteg.jpeg sha256sum index.jpeg and sha256sum
outtseg.jpeg .

19BEC1204 – cse3501
4
 Now we have successfully embedded the message in the jpeg file but now the
receiver should extract this file → The command we use for extraction is
steghide extract -sf outsteg.jpeg -xf secretfound.txt.
sf - Denotes the secret file which needs to be extracted
xf - Denotes the text file in which the extracted text will be stored
 After executing this command, it will ask for the passphrase. --> We have to
enter the same passphrase which we entered while embedding this file →
After this file gets executed the contents will be saved to the secretfound.txt
→We can see that opening that file using the command nano secretfound.txt.

19BEC1204 – cse3501
5
 We put a audio file in wav format inside the steganography folder and we use
the same secret.txt file to perform this steganography →So here, the
secret.txt text file should be embedded inside the jpeg file→For that we use
the command steghide embed -ef secret.txt -cf sample.wav -sf sampleout.wav
-z 7 -e none →Here we are embedding the secret.txt file inside the wav file
and write the output inside a new file called outsteg.jpeg .

ef - Denotes the file which needs to be embedded

sf - Denotes the file on which the text has to be embedded
z - Denotes the compression level, here the compression level is 7
e - Denotes encryption, here encryption is none

 When we execute this command it will ask for a passphrase which is basically
like a password which the receiver will use to extract the message.
 Here I give the passphrase as taran and it will ask us to re enter the
passphrase just for confirmation.

19BEC1204 – cse3501
6
Stegnow

 It is a tool used for hiding text inside a text file → First we need to install this
tool for this we use the command sudo apt-get install stegsnow[] → To know
more about stegsnow we can use the command man stegsnow to view the
manual of stegsnow. And to come out of it we simply press q.

19BEC1204 – cse3501
7
  We create a file inside this steganography folder called an infile.txt in which
we will have some text.
 We need to hide the sentence my country is india inside this infile.txt and we
have to store the final file inside outfile.txt.
 The command which we use to perform the following is stegsnow -C -m “my
country is india” -p “password” infile.txt outfile.txt
 To extract the message from the outfile.txt we give the command stegsnow -C
-p “password” outfile.txt

C - Denotes that we are compressing the message into the file

M - Denotes message file
p - Denotes the password the receiver should use to extract the message

Stegcracker

 Brute force attack to find out the passwords to extract the message from the
output file. → We have to install this software called stegcracker. For that we
use the command - sudo apt-get install stegcracker --> We have to create a

19BEC1204 – cse3501
8
 wordlist which will have the potential passwords using the command nano
wordlist.txt .
 An output secret file called outsteg.jpeg so we will try to crack the password to
open this file →The command to perform this stegcracker outsteg.jpeg
wordlist.txt →This command will basically try all the potential passwords in the
wordlist.txt file and finds the correct one → We know that the password i gave
for the outsteg.jpeg file was ramki and we can see that this tool has also
found the correct password to be taran .

19BEC1204 – cse3501
9
Stegseek

 Install the Debian file to install stegseek from the github repository → After we
install the debian file we install stegseek by using the command sudo apt
install ./stegseek 0.6-1.deb → Stegseek is also a similar tool like stegcracker
but more faster than that → Here also it will do a brute force attack by
checking each and every potential password to open the extracted file→The
command used here is stegseek outsteg.jpeg wordlist.txt→After executing the
command we can see that the right password has been found by the stegseek
tool.

19BEC1204 – cse3501
10
Stegbrute

 Download the Debian file from the available github repository for stegbrute
tool and execute the following commands.
 sudo apt install ./stegbrute_0.1.1_amd64.deb – installs the stegbrute tool.
 stegbrute --help – displays the user manual for stegbrute.

19BEC1204 – cse3501
11
  stegbrute -f output.jpeg -w wordlist.txt – operates in the same way as
stegcracker and stegseeker tools.

5. RESULT:
Hence, Within this experiment, the working and practical
implementation of the understand and study Steganography in Kali Linux
using steg.was demonstrated. A grasp of the Linux environment was
achieved,to comfortably work in for further lab experiments/exercises

19BEC1204 – cse3501
12