Steganography

Date: 2021-10-13

Difficulty: Beginner

Delivered By: Joshua Wardle

Overview

Steganography is the art of hiding information in plain sight. When applied to cyber security, it often refers to concealing data (with a special meaning) within other data - such as a hidden message inside a file. A recent, but growing, trend involves using steganography as part of a wider attack, such as to hide shellcode:

When applied to CTFs, the use of steganography can make the process of locating a flag much trickier and more puzzling. Instead of the flag being available in the open, it could be concealed in an otherwise mundane file!

In this session, we will explore the basics of steganography including what it is, how it came about, common tools used and how they are applied to data hidden in:

• Text
• Images
• Audio
• Network Traffic
• Files

There is also an opportunity to make your own challenge and compete against others to win a flag worth double points. We will not be discussing mathematical approaches to steganography as seen in research and literature; that is above the scope of what we will look at. If you wish to explore these techniques, you're encouraged to do so when you make your own challenge.

Prerequesites

To take part in this session, you will need to bring a laptop or share with someone else. In particular, you will want to install:

• HxD
• GIMP
• steghide
• Audacity
• Wireshark

You may want to use a Linux VM if you are on Windows, but this isn't required.

Furthermore, knowledge of the following would be ideal as a starting point:

• Binary
• Hexadecimal
• HTTP (from Web 101)

Session Link

You can attempt our steganography challenges by navigating to http://stego.sucss.org!

Please note this is not a HTTPS link, so if you recieve an SSL/TLS or 403 error, make sure to check that your browser of choice did not change the URL by accident.

Brute forcing passwords using tools such as Hydra is not allowed.