I am a 3x Entrepreneurs. Love writing code and sharing what I learn everyday as a programmer and an entrepreneur.

May 19, 2007

Hiding malicious program in Simple text document

Text Stganography

A very common data-hiding technique used by a large number of attackers is text steganography. This is a form of steganography that allows attackers to hide secret messages within other text files. Text steganography is probably one of the most inconspicuous data hiding techniques on Internet.
It allows attackers to carry out information thefts without inviting much attention.
Text steganography hides the secret message in the extra white space present in host text file .An attacker can easily hide a secret text message withn an innocent text file and then transmit it to external untrusted destination through either email or IM. Hence an attaker can use this technique for stealing IP in following ways:
1.) Prepare a host text file inside which secre text message has to be hidden.
2.) Use text steganography tool named Snow[download here] or any other tool available to hide the secret message within the host text file.This can be done by going to the command line prompt and typing the command:
Snow –C –m”Secret Message” –p “Password” infile outfile
Secret Message: Is the text to be hidden inside a host text file.
Password: Used to include authorisaton in the host text file.Without this secret file cannot be recovered
Input File:The path of host text file
Output file:The path where final text file has to be stored,which will include the hidden text file.
3.)The final text containing the hidden text message is almost indistinguishable from the original hsot file.The human naked eye cnnot differntiale between the two files.

No comments:

Post a Comment