On 1/24/07, Bob La Quey <[EMAIL PROTECTED]> wrote:
Stegonagraphy has always seemed really neat to me. Here are some
tricks I just ran across.
========================================
Command line - cat your gif and zip
Finally, for those of you comfortable on the command line, reader
Jason H. writes in with a nifty stego trick using built-in tools. The
premise of this technique is to append a .zip file to the end of a
.gif file, resulting in a file which is readable by both .gif programs
and .zip programs.
Jason explains why this works (with the help, he says, from a
long-lost thread at Something Awful):
It works because .gif files keep all of their information in the
headers, while .zip files keep them in the footer. Since that's the
case, .gif viewers read from the front of the file, while .zip readers
read from the end.
Here's how to combine your .gif and .zip.
cat somefile.zip >> somefile.gif
<boblq>
It turns out that this works with .jpg files as well. Just
cat somefile.zip >>somefile.jpg
to retrieve the original somefile:
unzip somefile.jpg
I will leave it to the rest of you to find out what
other image formats work this way.
</boblq>
The problem with this method is that not all zip programs can extract
the resulting file. When I tried, both 7-Zip and Windows built-in
extraction failed, but WinRAR handled it just fine. Still, that's
something the intended recipient should know.
For double super-duper security, password the zip file that you hide
inside the image.
Isn't this just "security by obscurity" which isn't much security at
all. It's almost as good as starting your reply with "^begin ".
carl
--
carl lowenstein marine physical lab u.c. san diego
[EMAIL PROTECTED]
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
