Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sun 19 May 2013, 22:07
All times are UTC - 4

 Forum index » Advanced Topics » Cutting edge
psteg - a poor man's steganography
Moderators: Flash, Ian, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [12 Posts]  
Author Message
technosaurus


Joined: 18 May 2008
Posts: 3843
PostPosted: Mon 24 Oct 2011, 17:14    Post subject:  psteg - a poor man's steganography
Subject description: A practical use for steganography		  
so, its pretty simple, encrypt a file (optional)
xz it to a container file (jpg, mpg, mov ...)
the regular file will work as normal
to get the hidden file just zcat container > original


This was my original intention:
Quote:

inspired by steganography and the exe icons in windows / ROX-App icons in puppy, here is a package format that looks nice too.

This is how it works (have only tested manually, script to follow)
take a screenshot image (as jpeg)
make your package format is optional at this point (tar.xz is my preference)

get the size of your package:
PKGSIZE=`stat -c %s package`

add the package to the jpg:
cat package >> screenshot.jpg

we will need to know how much data to get later:
printf $PKGSIZE >> screenshot.jpg

crap now we need to now how many bytes that was
printf ${#PKGSIZE} >> screenshot.jpg

That is it for creating it, you should still be able to open it with an image viewer.

But how to get the data?

how many bytes was our info string
BYTESINFO=`tail -c 1 screenshot.jpg`

now we get the string:
STRSIZE=`tail -c $(($BYTESINFO+1)) screenshot.jpg`

but we still have that extra byte
SIZE=${STRSIZE:0:BYTESINFO}

tail -c $(($SIZE+${#STRSIZE})) screenshot.jpg |head -c $SIZE >package

Edit: other things to consider - filename, checksum, default operation
use the good ol' puppy standard separator ...
size|file_name|chcksum|chcksumtype|defaultmode|strlen

edit2: I wrote an sfs linker in jwm_tools that will mount link and autorun an sfs file ... new squash has xz support, so perhaps this would be a better way to go. Click on screenshot, get corresponding screen in ~0.2s (similar to magicermine which is currently proprietary)

Last edited by technosaurus on Wed 26 Oct 2011, 13:40; edited 1 time in total
Back to top
View user's profile Send private message 
technosaurus


Joined: 18 May 2008
Posts: 3843
PostPosted: Wed 26 Oct 2011, 02:30    Post subject:  
so here is a working example:
Code:
#!/bin/sh
#copyright 2011 Brad Conroy - redistributable under the UIUC license
[ -f "$1" ] && [ -f "$2" ] || exit
SIZE1=`stat -c %s $1`
SIZE2=`stat -c %s $2`
NAME1=${1##*/}
NAME2=${2##*/}
EXT=${1##*.}

cp $1 ${NAME1}_${NAME2}.$EXT
echo "
NAME1=${NAME1} SIZE1=${SIZE1} NAME2=${NAME2} SIZE2=${SIZE2}
" >> ${NAME1}_${NAME2}.$EXT
cat $2 >> ${NAME1}_${NAME2}.$EXT


Code:
#!/bin/sh
#copyright 2011 Brad Conroy - redistributable under the UIUC license
[ $1 ] && [ -f $1 ] || exit
while read LINE; do
case $LINE in
   NAME1=*SIZE1=*NAME2=*SIZE2=*)eval $LINE;break;;
esac
done < $1
[ "${SIZE1}" ] && [ "${NAME1}" ] && [ "${SIZE2}" ] && [ "${NAME2}" ] || exit
head -c ${SIZE1} ${1} > ${NAME1}
tail -c ${SIZE2} ${1} > ${NAME2}


This is a very generic implementation that can also be used as a poor man's steganography using only busybox applets (shell, stat, head and tail)
the first file should be something containerized (so it knows where the end of its data is) and preferably known to have varying sizes jpeg is fine if the second file is small, but avi, mov or mpg if the second file is large

The second file could be anything from text to a heavily encrypted file.

I think I have it broken down into the simplest form for further modification
you may not need to fuss with recovering the container file - if so you can remove the code related to it ... name1 size1 and head portions
if you are trying to hide a file, you may not want to even have the file name included and just have the output defined by the user - also a fairly easy mod
_________________
Puppy Web Desktop Now with pet packages - Pet Packaging 100 & 101
Back to top
View user's profile Send private message 
PANZERKOPF

Joined: 16 Dec 2009
Posts: 249
Location: Earth
PostPosted: Wed 26 Oct 2011, 11:28    Post subject: Re: jpkg - screenshots as the package format
Subject description: A practical use for steganography		  
technosaurus wrote:
inspired by steganography

Probably I found another way, without any additional tools.
cat archive.tar.xz >>image.jpg
xzcat image.jpg > archive.tar
Seems xzcat successfully finds a signature (FD377A58h) at the end of "garbage" (mean jpeg's body) and decompresses an archive.
_________________
SUUM CUIQUE.
Back to top
View user's profile Send private message 
technosaurus


Joined: 18 May 2008
Posts: 3843
PostPosted: Wed 26 Oct 2011, 12:55    Post subject:  
nice, maybe instead of catting an xz file, we can just:
xz -cze9 inputfile.tc >> outputfile.mpg

edit: nope, neither way seems to be working - back to my previous example then
_________________
Puppy Web Desktop Now with pet packages - Pet Packaging 100 & 101
Back to top
View user's profile Send private message 
aragon

Joined: 15 Oct 2007
Posts: 1690
Location: Germany
PostPosted: Wed 26 Oct 2011, 14:58    Post subject:  
http://linux-hacks.blogspot.com/2009/02/theory-behind-hiding-zipped-file-under.html
http://linux-hacks.blogspot.com/2009/02/hiding-zipped-files-under-jpg-images.html

seems to be more simple.

Aragon
_________________
PUPPY SEARCH: http://wellminded.com/puppy/pupsearch.html
Back to top
View user's profile Send private message 
aragon

Joined: 15 Oct 2007
Posts: 1690
Location: Germany
PostPosted: Wed 26 Oct 2011, 15:04    Post subject:  
a second note: psteg is allready taken by an app from vovchik.

http://www.murga-linux.com/puppy/viewtopic.php?t=57806

aragon
_________________
PUPPY SEARCH: http://wellminded.com/puppy/pupsearch.html
Back to top
View user's profile Send private message 
technosaurus


Joined: 18 May 2008
Posts: 3843
PostPosted: Wed 26 Oct 2011, 15:50    Post subject:  
steg-osaurus it is then Smile
_________________
Puppy Web Desktop Now with pet packages - Pet Packaging 100 & 101
Back to top
View user's profile Send private message 
DPUP5520

Joined: 16 Feb 2011
Posts: 757
PostPosted: Wed 26 Oct 2011, 16:04    Post subject:  
There are many great stego programs out there u may want to check out and try such as hide and seek, outguess, snow, diit, and steghide just to name a few.
_________________
PupRescue 2.5
Puppy Crypt 528
Back to top
View user's profile Send private message 
technosaurus


Joined: 18 May 2008
Posts: 3843
PostPosted: Wed 26 Oct 2011, 16:23    Post subject:  
Yes there are, but they all have some limitation that would keep them out of standard puppy (size, dependencies, file limitations ...)

All this needs is a GUI that uses bcrypt which is already included.

The code in /usr/sbin/grub-md5-crypt and bcrypt_gui is a good starting point

The encryption format can be anything though (including none) if bcrypt is replaced.
_________________
Puppy Web Desktop Now with pet packages - Pet Packaging 100 & 101
Back to top
View user's profile Send private message 
technosaurus


Joined: 18 May 2008
Posts: 3843
PostPosted: Wed 26 Oct 2011, 17:02    Post subject:  
here is the start of a basic gui
Code:
#! /bin/sh
#copyright 2011 Brad Conroy - redistributable under the UIUC license
#todo add bcrypt options, output filename, backup container ...
export MAIN_DIALOG='
<vbox>
   <frame Container Filename>
      <hbox tooltip-text="Select a container file such as: jpg,mpg,avi,mov...">
         <entry accept="filename">
            <label>Select an Existing File</label>
            <variable>CONTAINER_FILENAME</variable>
         </entry>
         <button>
            <input file stock="gtk-open"></input>
            <action type="fileselect">CONTAINER_FILENAME</action>
         </button>
      </hbox>
   </frame>
   <frame Encrypted Filename>
      <hbox tooltip-text="Select the file you wish to encrypt">
         <entry accept="filename">
            <label>Select an Existing File</label>
            <variable>ENCRYPT_FILENAME</variable>
         </entry>
         <button>
            <input file stock="gtk-open"></input>
            <action type="fileselect">ENCRYPT_FILENAME</action>
         </button>
      </hbox>
   </frame>
   <frame Password>
      <entry invisible_char="052" visibility="false">
         <default>woofwoof</default>
         <variable>PASSWORD1</variable>
      </entry>
   </frame>
   <frame Verify Password>
      <entry invisible_char="052" visibility="false">
         <default>woofwoof</default>
         <variable>PASSWORD2</variable>
      </entry>
   </frame>
   <hbox>
    <button ok></button>
    <button cancel></button>
   </hbox>
</vbox>
'

eval `gtkdialog3 --program=MAIN_DIALOG`

[ "$CONTAINER_FILENAME" ] && [ "$ENCRYPT_FILENAME" ] || exit
[  "$PASSWORD1" == "$PASSWORD2" ] || exit

echo "$PASSWORD1
$PASSWORD2" |bcrypt -o "$ENCRYPT_FILENAME" >/tmp/stegosaurus
SIZE=`stat -c %s /tmp/stegosaurus`

echo "
ALLTRANSLATIONSSIZE=${SIZE}
" >> ${CONTAINER_FILENAME}
cat /tmp/stegosaurus >> ${CONTAINER_FILENAME}

yaf-splash -text "complete ${CONTAINER_FILENAME} increased by just over $SIZE"

#for debugging ... this will be in the
#while read A; do case $A in ALLTRANSLATIONSSIZE=*)eval $A && break;;esac;done< ${CONTAINER_FILENAME}
#tail -c $ALLTRANSLATIONSSIZE ${CONTAINER_FILENAME} > ${ENCRYPT_FILENAME}.bfe
Back to top
View user's profile Send private message 
PANZERKOPF

Joined: 16 Dec 2009
Posts: 249
Location: Earth
PostPosted: Thu 27 Oct 2011, 10:16    Post subject:  
technosaurus wrote:

edit: nope, neither way seems to be working - back to my previous example then

Oops... You are right, unxz fails.

Testing zip/unzip archiver:
cat archive.zip >> image.jpg
unzip image jpg
It works! Just says "Warning! ???? extra bytes at begining..."
Note I used "full" unzip, busybox unzip fails.

Testing arj archiver:
cat archive.arj >> image.jpg
arj e image jpg
Works!
_________________
SUUM CUIQUE.
Back to top
View user's profile Send private message 
technosaurus


Joined: 18 May 2008
Posts: 3843
PostPosted: Thu 27 Oct 2011, 16:01    Post subject:  
http://lists.busybox.net/pipermail/busybox/2008-March/064569.html
We can use tr to do the encryption

And zip files can be password protected, but I may take a look at patching busybox zip first.
Other possibilities: use it to add sfs file to kernel image
_________________
Puppy Web Desktop Now with pet packages - Pet Packaging 100 & 101
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [12 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Cutting edge
Jump to:  


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

[ Time: 0.0820s ][ Queries: 12 (0.0121s) ][ GZIP on ]