Steganography is the art and process of putting one type of information inside another in an attempt to hide it. This is often done in situations where an individual wants to preserve secret information inside normal objects.
This guide shows five of the best steganography tools currently available in Linux. It also shows you how you can hide your first message using these utilities.
What Is Steganography and Why You Should Use It
Steganography is not a new innovation. Since the time of ancient Greeks, historians have written about how cultures used steganography to hide information in plain sight. To that end, one famous account was Herodotus’s story of Histiaeus, where he tattooed a short message on a servant’s bare scalp.
Since then, advances in technology have allowed individuals to use steganography inside digital objects. For example, it is now possible to insert an entire book inside a simple JPEG photograph.
One of the biggest advantages of using steganographic tools is that they are simple and easy to use. In most cases, these programs are just simple command line utilities that take your message and a dummy file.
Another advantage of steganographic tools is that you can get them for free. Most developers nowadays license their utilities as Free and Open Source Software (FOSS). You only need to have a computer and an Internet connection to get started with steganography.
Good to know: FOSS also involves countless programs beyond steganography. Learn how you can install a FOSS distro with Linux-libre.
1. Steghide
Steghide is one of the most popular steganographic tools today. It is a simple command line program that encodes text inside images. Steghide works by creating a random list of bits inside your dummy file and inserts your secret data in between those bits.
This approach means that your data will seamlessly blend in with your dummy file. Further, steghide also includes solid compression and encryption algorithms by default. This ensures difficulty in extracting your information, even if a bad actor knows that your file contains secret data.
You can install steghide in Ubuntu and Debian by running the following command:
sudo apt install steghide
Run this command to create your first steganographic file:
steghide embed -ef ./my-secret-data.txt -cf ./my-plain-image.jpg -sf ./steg-image.jpg
Pros
- Quick and easy to use
- Uses checksums to verify the integrity of data
Cons
- Output is noticeably larger than the original
- Modifies small bits of the original dummy file
Tip: if you prefer to have more confidentiality, learn how to encrypt files using Tomb in Linux.
2. Stegoshare
Stegoshare is a graphical steganographic tool that provides users with an intuitive interface to hide data inside image files. Unlike steghide, stegoshare excels in allowing you to encode large binaries inside multiple files.
Another key advantage of stegoshare over other tools is that it is highly portable. You can distribute the program to other users regardless of the OS they use. For example, you can encode in Linux and still decode it on Windows.
- To use stegoshare, first install its dependencies:
sudo apt install wget openjdk-8-jdk openjdk-8-jre
- Download stegoshare’s binaries from the developer’s website:
wget http://downloads.sourceforge.net/stegoshare/StegoShare.jar
- Run the program and click “Browse.”
- Select your dummy image folder.
- Click the “Select” button underneath “Browse.”
- Select the file that you want to hide.
- Click the “Hide” button to encode your secret data to your dummy file.
Pros
- Simple and easy to use
- Works on any platform that runs Java
Cons
- Produces large files
- Image analysis tools can detect stegoshare’s algorithm
Good to know: find out how to resize and optimize your image from the Linux Terminal.
3. Wavsteg
Aside from embedding information inside images, you can also hide your information using sound files. Wavsteg is a simple, yet effective tool that allows you to blend secret data in between the bits of a digital audio file.
Wavsteg reads an entire audio file and looks for its “Least Significant Bits.” These are the parts of a file that neither delete nor modify the data inside it. An audio file that contains secret data will not have any audible difference from a “clean” file.
- Install its dependencies:
sudo apt install python3 python3-pip PATH=$PATH:/home/$USER/.local/bin/
- Install the program using pip:
pip install stego-lsb
- Once installed, you can start to encode data inside your audio files with the following command:
stegolsb wavsteg -h -i my-plain-music.wav -s my-secret-data.txt -o steg-audio.wav
Pros
- Lightweight and simple to use
- No audible difference between other audio files
Cons
- Only works with text files
- Can produce large files
4. Snow
Snow is a lightweight tool that uses whitespace and tabs to hide information inside text files. Unlike other steganographic tools, snow does not rely on binary formats to encode secret data. This can be incredibly useful in cases where it is not possible to share large binary files.
Since snow only relies on plain text, it is still possible to compress and encrypt your files, similarly to a binary file. Snow can produce extremely small files that can blend in with other text data.
- Install snow with the following command:
sudo apt install stegsnow
- Use the following command to hide the phrase “MakeTechEasier” inside the file “hello.txt.”
stegsnow -C -m "MakeTechEasier" -p asecurepassword hello.txt steg-hello.txt
Pros
- Produces small files
- Output text can be used on any program that accepts plain text
Cons
- Data space can be extremely limited
- Encryption algorithm is relatively outdated
Tip: prefer even more privacy? Switch to these secure email services.
5. Steganoroute
Digital steganography traditionally conceals information within a file. However, it is also possible to use steganography without using dummy files.
Steganoroute is an innovative networking tool that allows you to hide information using TCP. The program creates fake ICMP packets that contain the message that you want to send. A host can then listen to the server for its fake packets and decode its information using a network analysis tool.
- Install steganoroute’s dependencies:
sudo apt install git mtr python3 python-scapy
- Clone the program source code from its repository:
git clone https://github.com/stratosphereips/steganoroute.git
- Broadcast your steganoroute messages by running the following command:
cd ./steganoroute sudo iptables -I INPUT -p icmp --icmp-type 8 -j DROP sudo python3 ./steganoroute.py -i lo -m "MakeTechEasier" -l
- Test whether the program is broadcasting properly by using the
mtr
analysis tool:
mtr -t your.local.lan.ip
Once it is running, you also need to press D to print the message.
Pros
- Does not depend on creating dummy files
- Only need to broadcast to share messages
Cons
- Relies on forging ICMP packets
- Malicious actors can intercept the packets and reconstruct your message
Tip: networking can look daunting to a novice user. Learn how DNS packets travel on the network by using dig.
Frequently Asked Questions
Will steganography change how my file behaves?
No. By default, steganographic tools aim to retain as much of the original data as possible. You can share your file to others and they would still be able to use and access the original file.
I sent a steganographic picture. Why did it lose its message?
This is most likely due to an issue with your image hosting provider. Most image-sharing websites tend to compress images as soon as they hit their servers. This is a problem for steganographic tools, as they rely on the exact data structure of the original image file.
Make sure that your image-hosting provider is not compressing any images that you send via their server.
Are there any downsides to hiding data using steganography?
It depends. For the most part, tools such as steghide rely on hiding data inside regular digital files. While steganography will not change how a file behaves, it will still leave a noticeable imprint on a digital file. This can be a problem if a malicious actor is aware that you are using steganography.
Why is my steganoroute recipient not receiving my ICMP packets?
This is most likely due to your steganoroute server sending its ICMP packets with the wrong interface. To fix this, find the desired networking interface using ip addr
.
Then, add the -i
option, followed by your networking interface. For example, the following runs steganoroute through my Ethernet port: sudo ./steganoroute.py -i enp3s0 -m "MakeTechEasier" -l
.
Image credit: Unsplash. All alterations and screenshots by Ramces Red.
Our latest tutorials delivered straight to your inbox