5 of the Best Steganography Tools in Linux

A photograph of a woman nervously working in front of a laptop.

Steganography is the art and process of putting one type of information inside another in an attempt to hide it. This is often done in situations where an individual wants to preserve secret information inside normal objects.

This guide shows five of the best steganography tools currently available in Linux. It also shows you how you can hide your first message using these utilities.

What Is Steganography and Why You Should Use It

Steganography is not a new innovation. Since the time of ancient Greeks, historians have written about how cultures used steganography to hide information in plain sight. To that end, one famous account was Herodotus’s story of Histiaeus, where he tattooed a short message on a servant’s bare scalp.

Since then, advances in technology have allowed individuals to use steganography inside digital objects. For example, it is now possible to insert an entire book inside a simple JPEG photograph.

A window showing a picture that contains a hidden message.
Image source: Unsplash

One of the biggest advantages of using steganographic tools is that they are simple and easy to use. In most cases, these programs are just simple command line utilities that take your message and a dummy file.

A terminal showing the options of steghide.

Another advantage of steganographic tools is that you can get them for free. Most developers nowadays license their utilities as Free and Open Source Software (FOSS). You only need to have a computer and an Internet connection to get started with steganography.

Good to know: FOSS also involves countless programs beyond steganography. Learn how you can install a FOSS distro with Linux-libre.

1. Steghide

Steghide is one of the most popular steganographic tools today. It is a simple command line program that encodes text inside images. Steghide works by creating a random list of bits inside your dummy file and inserts your secret data in between those bits.

This approach means that your data will seamlessly blend in with your dummy file. Further, steghide also includes solid compression and encryption algorithms by default. This ensures difficulty in extracting your information, even if a bad actor knows that your file contains secret data.

You can install steghide in Ubuntu and Debian by running the following command:

sudo apt install steghide

Run this command to create your first steganographic file:

steghide embed -ef ./my-secret-data.txt -cf ./my-plain-image.jpg -sf ./steg-image.jpg
A terminal window showing steghide in action.

Pros

  • Quick and easy to use
  • Uses checksums to verify the integrity of data

Cons

  • Output is noticeably larger than the original
  • Modifies small bits of the original dummy file

Tip: if you prefer to have more confidentiality, learn how to encrypt files using Tomb in Linux.

2. Stegoshare

Stegoshare is a graphical steganographic tool that provides users with an intuitive interface to hide data inside image files. Unlike steghide, stegoshare excels in allowing you to encode large binaries inside multiple files.

A window showing the basic interface for stegoshare.

Another key advantage of stegoshare over other tools is that it is highly portable. You can distribute the program to other users regardless of the OS they use. For example, you can encode in Linux and still decode it on Windows.

  1. To use stegoshare, first install its dependencies:
sudo apt install wget openjdk-8-jdk openjdk-8-jre
A terminal window showing the dependency installation process for stegoshare.
  1. Download stegoshare’s binaries from the developer’s website:
wget http://downloads.sourceforge.net/stegoshare/StegoShare.jar
  1. Run the program and click “Browse.”
A window showing the browse button for stegoshare.
  1. Select your dummy image folder.
A window showing the file picker for stegoshare.
  1. Click the “Select” button underneath “Browse.”
A window showing the select button in stegoshare.
  1. Select the file that you want to hide.
A window showing the data picker for stegoshare.
  1. Click the “Hide” button to encode your secret data to your dummy file.
A window showing the hide button in stegoshare.

Pros

  • Simple and easy to use
  • Works on any platform that runs Java

Cons

  • Produces large files
  • Image analysis tools can detect stegoshare’s algorithm

Good to know: find out how to resize and optimize your image from the Linux Terminal.

3. Wavsteg

Aside from embedding information inside images, you can also hide your information using sound files. Wavsteg is a simple, yet effective tool that allows you to blend secret data in between the bits of a digital audio file.

A screenshot of the comparison between a clean audio file and one filled with data.

Wavsteg reads an entire audio file and looks for its “Least Significant Bits.” These are the parts of a file that neither delete nor modify the data inside it. An audio file that contains secret data will not have any audible difference from a “clean” file.

  1. Install its dependencies:
sudo apt install python3 python3-pip
PATH=$PATH:/home/$USER/.local/bin/
  1. Install the program using pip:
pip install stego-lsb
A terminal window showing the installation process for wavsteg.
  1. Once installed, you can start to encode data inside your audio files with the following command:
stegolsb wavsteg -h -i my-plain-music.wav -s my-secret-data.txt -o steg-audio.wav
A terminal window showing the encoding for wavsteg.

Pros

  • Lightweight and simple to use
  • No audible difference between other audio files

Cons

  • Only works with text files
  • Can produce large files

4. Snow

Snow is a lightweight tool that uses whitespace and tabs to hide information inside text files. Unlike other steganographic tools, snow does not rely on binary formats to encode secret data. This can be incredibly useful in cases where it is not possible to share large binary files.

A terminal window showing the manpage for snow.

Since snow only relies on plain text, it is still possible to compress and encrypt your files, similarly to a binary file. Snow can produce extremely small files that can blend in with other text data.

  1. Install snow with the following command:
sudo apt install stegsnow
  1. Use the following command to hide the phrase “MakeTechEasier” inside the file “hello.txt.”
stegsnow -C -m "MakeTechEasier" -p asecurepassword hello.txt steg-hello.txt
A terminal window showing snow at work.

Pros

  • Produces small files
  • Output text can be used on any program that accepts plain text

Cons

  • Data space can be extremely limited
  • Encryption algorithm is relatively outdated

Tip: prefer even more privacy? Switch to these secure email services.

5. Steganoroute

Digital steganography traditionally conceals information within a file. However, it is also possible to use steganography without using dummy files.

Steganoroute is an innovative networking tool that allows you to hide information using TCP. The program creates fake ICMP packets that contain the message that you want to send. A host can then listen to the server for its fake packets and decode its information using a network analysis tool.

  1. Install steganoroute’s dependencies:
sudo apt install git mtr python3 python-scapy
  1. Clone the program source code from its repository:
git clone https://github.com/stratosphereips/steganoroute.git
  1. Broadcast your steganoroute messages by running the following command:
cd ./steganoroute
sudo iptables -I INPUT -p icmp --icmp-type 8 -j DROP
sudo python3 ./steganoroute.py -i lo -m "MakeTechEasier" -l
A terminal window showing steganoroute broadcasting a message.
  1. Test whether the program is broadcasting properly by using the mtr analysis tool:
mtr -t your.local.lan.ip

Once it is running, you also need to press D to print the message.

A terminal window showing the broadcast message for steganoroute.

Pros

  • Does not depend on creating dummy files
  • Only need to broadcast to share messages

Cons

  • Relies on forging ICMP packets
  • Malicious actors can intercept the packets and reconstruct your message

Tip: networking can look daunting to a novice user. Learn how DNS packets travel on the network by using dig.

Frequently Asked Questions

Will steganography change how my file behaves?

No. By default, steganographic tools aim to retain as much of the original data as possible. You can share your file to others and they would still be able to use and access the original file.

I sent a steganographic picture. Why did it lose its message?

This is most likely due to an issue with your image hosting provider. Most image-sharing websites tend to compress images as soon as they hit their servers. This is a problem for steganographic tools, as they rely on the exact data structure of the original image file.

Make sure that your image-hosting provider is not compressing any images that you send via their server.

Are there any downsides to hiding data using steganography?

It depends. For the most part, tools such as steghide rely on hiding data inside regular digital files. While steganography will not change how a file behaves, it will still leave a noticeable imprint on a digital file. This can be a problem if a malicious actor is aware that you are using steganography.

Why is my steganoroute recipient not receiving my ICMP packets?

This is most likely due to your steganoroute server sending its ICMP packets with the wrong interface. To fix this, find the desired networking interface using ip addr.

Then, add the -i option, followed by your networking interface. For example, the following runs steganoroute through my Ethernet port: sudo ./steganoroute.py -i enp3s0 -m "MakeTechEasier" -l.

Image credit: Unsplash. All alterations and screenshots by Ramces Red.

Is this post useful?
Subscribe to our newsletter!

Our latest tutorials delivered straight to your inbox

Ramces Red
Ramces Red - Staff Writer

Ramces is a technology writer that lived with computers all his life. A prolific reader and a student of Anthropology, he is an eccentric character that writes articles about Linux and anything *nix.