4.3.2.3 Lab – Using Steganography (Answers Solution)

May 16, 2022 Last Updated: May 16, 2022 Cybersecurity Essentials No Comments
Tweet Share Pin it

4.3.2.3 Lab – Using Steganography (Answers)

Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only.

Objectives

Use steganography to hide a document within a JPEG file.

Background / Scenario

Steghide is an open source steganography program that hides data in various types of files such as audio and image files. You are going to hide a data file within an image file.

Required Resources

  • PC with Ubuntu 16.04 Desktop LTS installed in a VirtualBox or VMware virtual machine

Step 1: Open a terminal window in Ubuntu.

a. Log in to Ubuntu using the following credentials:

User: cisco
Password: password

b. Click on the terminal icon to open a terminal.

Step 2: Run Steghide.

a. At the command prompt, enter the following command to change to the Downloads directory:

[email protected]:~$ cd Downloads/

b. Enter libreoffice secret.odt & at the prompt.

[email protected]:~/Downloads$ libreoffice secret.odt &

What is the message in the secret.odt?

The secret document

c. Close the secret.odt file when done.

d. Enter gimp keyboard.jpg & at the prompt to view the image file

[email protected]:~/Downloads$ gimp keyboard.jpg &

e. Close the keyboard.jpg file when done.

f. At the command prompt, enter the following command :

[email protected]:~/Downloads$ steghide embed -cf keyboard.jpg -ef secret.odt

This command takes the jpeg file called “keyboard.jpg” and uses it as a carrier to embed the document, secret.odt, into it.

g. When prompted for a passphrase, use Cisco. Re-enter the passphrase when prompted.

h. You have embedded the document, odt, into the image file, keyboard.jpg.

i. Open the files, secret.odt and keyboard.jpg. Did these files change?

No. The files did not change.

Step 3: Verify the hidden file.

a. Type the following command in terminal.

[email protected]:~/Downloads$ steghide info keyboard.jpg

b. Type y at the prompt. (Do not press Enter).

c. Enter the passphrase Cisco and press Enter.

d. The results below shows that the file, secret.odt, is encrypted and compressed.

Step 4: Extract the hidden file.

a. Type the following command in terminal.

[email protected]:~/Downloads$ steghide extract -sf keyboard.jpg

b. Enter the passphrase, Cisco, and press Enter.

c. Enter y when prompted to overwrite the existing odt file with the new extracted secret.odt file.

d. You have extracted the file. Open the extracted secret.odt file with LibreOffice.

Could you open the file? Is the secret message the same as before?

The file can be opened and the message is the same as before.

References

Steghide: http://steghide.sourceforge.net/

 


guest

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x