top of page
Search

Stegsnow | Hide a Text In a Text File

Steganography is the practice of concealing a file, message, image, or video within another file, message, image or video.

This utility can conceal messages in ASCII text by appending whitespace to the end of lines. Because spaces and tabs are generally not visible in text viewers, the message is effectively hidden from casual observers. And if the built-in encryption is used, the message cannot be read even if it is detected.


In this article, we will try to hide data in a text file with a not so famous tool. we will try to make data as hidden as possible. with this tool, you will be able to hide your ssh keys, API keys, passwords and other stuff too. but it is required for the data to be in text (ASCII) form.


Stegsnow provides rudimentary compression, using Huffman tables optimised for English text. However, if the data is not text, or if there is a lot of data, the use of the built-in compression is not recommended, since an external compression program such as compress or gzip will do a much better job. Encryption is also provided, using the ICE encryption algorithm in 1-bit cipher-feedback (CFB) mode. Because of ICE’s arbitrary key size, passwords of any

length up to 1170 characters are supported (since only 7 bits of each character are used, keys up to 1024-bytes are supported).


⤿ Install:

apt install stegsnow

⤿ Help menu:

stegsnow --help

⤿ Let’s hide a message in a text file - for the demonstration, I have created a text file which contains some text names:

> cat original.txt
My bad, I forgot my password, sorry about that.

⤿ Now we want to hide a message in this file:

stegsnow -C -m "My password is 12345" -p "root" original.txt original2.txt

-C is to compressing data. It will also be used in extracting data;

-m is to define the message that supposed to be encrypted;

-p is for the password.


⤿ Now let’s take a look at the original2.txt with nano:


⤿ The file has something in red colour, but we can’t read it. But you can try to read it with hex:

hexdump original2.txt
0000000 794d 6220 6461 202c 2049 6f66 6772 746f
0000010 6d20 2079 6170 7373 6f77 6472 202c 6f73
0000020 7272 2079 6261 756f 2074 6874 7461 092e
0000030 2020 2009 2020 2020 0920 2020 090a 2020
0000040 2009 2020 2020 2020 0909 2020 2020 2009
0000050 2009 2020 2020 0920 2020 0920 2009 2020
0000060 2020 090a 2009 2020 0920 2020 2020 0920
0000070 2020 2020 2020 2009 0920 0920 2009 0920
0000080 2020 2020 200a 2020 2009 2020 2020 2009
0000090 2020 0920 2020 2020 2020 0920 2020 2009
00000a0 2020 2020 0920 2020 2020 0920 2020 2020
00000b0 2020 2009 2020 2020 2020 2009 2020 2020
00000c0 2020 200a 0920 2020 0920 2020 0909 0909
00000d0 000a
00000d1

⤿ To decrypt the file, you will need to use Stegsnow tool again with your given password:

stegsnow -C -p 'root' original2.txt
My password is 12345

And we have our hidden text back.



501 views0 comments

Recent Posts

See All

MacOS | Recording a Packet Trace

A packet trace is a record of traffic traveling across the network. It’s useful for investigating complex network problems related to both correctness and performance. Once you start a packet trace on

DNS Guard

Absolutely everything is connected to the internet these days, from TV to smart light bulbs, from mobile devices to smart cars. Given those ads and ad trackers are everywhere on the Internet, a browse

Cyber Security Interview, Q&A

Can you explain the difference between symmetric and asymmetric encryption? When would you use one over the other? Answer: Symmetric encryption uses a single key to both encrypt and decrypt data, whil

bottom of page