Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Hiding Things Out In The Open

branch: master

Fetching latest commit…

Octocat-spinner-32-eaf2f5

Cannot retrieve the latest commit at this time

Octocat-spinner-32 LICENSE.MIT
Octocat-spinner-32 README.md
Octocat-spinner-32 get-payload-from-web.sh
Octocat-spinner-32 piggypack.rb
Octocat-spinner-32 piggyunpack.rb
README.md

PiggyPack

Digital Steganography For Fun And Profit

This is a very rough implementation of lsb image steganography. The ideal goal was outlined in this reddit post::

"A nominal, simple way to piggy back on image uploaders in order to post files of modest size ... I want to explore what that workflow and interfacing would feel like."

In the thread a number of other projects were highlighted that do similar things already:

  • FireSteg: "A steganography sidebar extension, letting you hide files inside images for covert sharing."

  • steghide: ... is a steganography program that is able to hide data in various kinds of image- and audio-files. The color- respectivly sample-frequencies are not changed thus making the embedding resistant against first-order statistical tests.

  • CameraShy: ... is the only steganographic tool that automatically scans for and delivers decrypted content straight from the Web

  • File-Encryptor. Here's the description, reddit thread and citation where I found out about it.

There's some academic work too:

The article on the technique itself can be found here.

Usage

Their are two generously commented files:

  • get-payload-from-web.sh - It gets the payloads from the web, starting from youtube and ending as a 3gp file
  • piggyunpack.rb - The code to separate the image from the audio

Related Work

A number of people have contacted me and made projects inspired from this.

  • Austin Hamman's stegano.js is a javascript version for the browser; using base64 encoders, canvas, and a few other nice tricks. I've thought hard about the problem myself and have run into the same walls that he discloses; primarily that b64encoded data, embedded in an iframe say, "iframe src=data:..." can't do some file-name hinting, like "content-disposition: attachment; filename=" in HTTP.
Something went wrong with that request. Please try again.