Home
Calendar
Certifications
Columns
Features
Forum
Resources
Vitals
Latest Additions
April 2013 Free Giveaway Sponsor - eLearnSecurity
Human Intelligence to Navigate the Security Data Deluge
February 2013 Free Giveaway Winner of SANS CyberCon Training
Interview: Bugcrowd Founders on Herding Ninjas for Crowdsourced Bug Bounties
Network Forensics: The Tree in the Forest
March 2013 Free Giveaway Sponsor - Mile2
Book Review: Violent Python
February 2013 Free Giveaway Sponsor - SANS
Holiday 2012 Free Giveaway Winner of Metasploit Pro by Rapid7
Course Review: SANS FOR408 Computer Forensic Investigations – Windows In-Depth
The Security Consulting Sugar High
Tutorial: Fun with SMB on the Command Line
Interview: Ilia Kolochenko, CEO of High-Tech Bridge
October 2012 Free Giveaway Winner of LearningGate Training
The Broken: Assessing Corporate Security in 2012 to Make a Better 2013
EH-Net Login
Welcome Guest.
Username:
Password:
Remember me
Lost Password?
No account yet?
Register
Who's Online
We have 46 guests online
You are here:
Home
Resources
Tools
how it works???????
EH-Net
May 21, 2013, 12:25:45 PM
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
News
: Go back to The Ethical Hacker Network Online Magazine
Home Page
Home
Help
Calendar
Login
Register
EH-Net
>
Resources
>
Tools
(Moderator:
don
) >
how it works???????
Pages: [
1
]
Go Down
« previous
next »
Print
Author
Topic: how it works??????? (Read 25574 times)
0 Members and 1 Guest are viewing this topic.
proudindian
Newbie
Offline
Posts: 32
how it works???????
«
on:
January 28, 2008, 11:24:13 PM »
hey can anyone please tell me how the camera shy tool works?
?I want a tutorial about it,how it works for steganography?
???Its very interesting
Logged
BillV
Hero Member
Offline
Posts: 1892
Re: how it works???????
«
Reply #1 on:
January 28, 2008, 11:38:11 PM »
I've not done a lot with it, but I believe there's a short introduction to it in the CEH courseware. It basically allows you to see hidden messages by typing in a password. It may have more/other uses, but again, I haven't played much with that tool.
Logged
proudindian
Newbie
Offline
Posts: 32
Re: how it works???????
«
Reply #2 on:
January 30, 2008, 01:29:51 AM »
BIllv
Thnx for your rely.I kno any1 can see the hidden mesg I mean there is a process of hideing a messg behind a pic,but can we just use it for hideing programmes behind the gif?
?Please help......
Logged
jimbob
Guest
Re: how it works???????
«
Reply #3 on:
January 30, 2008, 05:33:45 AM »
Some stego programs store binary files in images e.g. word documents. There's no reason you couldn't use them to hide an executable file, although I can't comment on camera shy specifically as I've never used it.
If only text is supported in a tool you can encode binary data in text format using something like uuencode and store the data as text.
Jimbob
Logged
proudindian
Newbie
Offline
Posts: 32
Re: how it works???????
«
Reply #4 on:
January 30, 2008, 11:08:34 AM »
jimbob
can you tell me any stego tools which can hide an excutable file behind a pic?
Logged
don
Editor-In-Chief
Administrator
Hero Member
Offline
Posts: 4165
Editor-In-Chief
Re: how it works???????
«
Reply #5 on:
January 30, 2008, 02:50:36 PM »
I haven't used this program, but your post sent me on a little surfing trip and I found this:
Invisible Secrets 4
Check out some of the legit features that one could use for illegit purposes:
Quote
Destroy Files
Deleting files and folders from Windows Explorer is not secure. This will delete only the file's name so that you will no longer see it in Windows Explorer. To destroy files and folder beyond recovery you must overwrite the file/folder before erase. Invisible Secrets 4 provides an integrated Shredder (DoD 5220.22-M compliant) for this operation.
New! Internet Trace Destructor
Internet Traces are information left behind on your computer while you browse the Internet: internet cache, cookies, recently typed URLs, Internet Explorer History and Most Recently Used Documents / Applications.
With Invisible Secrets 4 you can destroy all these traces so that nobody would ever know what did you use the Internet for, and what websites you visited.
New! Cryptboard
The Cryptboard is a new concept in Invisible Secrets 4. While working in Window Explorer (or other shell programs) you can add files to the Cryptboard - which is similar to a basket that contains files. The files are remembered in a list (called Cryptboard), and you can perform various security operations on them in a single step, anytime you want. The Cryptboard is accessible through the context menu, the tray icon, or from the main program.
New! EMail Encryption
Invisible Secrets 4 offers a new function: creation of Self Decrypting Packages. Using this function you can create an executable package with encrypted content. Before encryption the files are compressed. After the package is created you can send it by email. All the receiver needs to decrypt the package at destination is the correct password (no need of special programs), since the package is a program itself.
New! IP-to-IP Password Transfer
In security everything is related to passwords and keys. Once two parties agree on a password they can initiate a secure communication and send encrypted emails or documents. The only problem is to communicate to the recipient the correct key,
without the danger that a hacker might intercept the password during the transfer. This feature allows you to exchange a password between two computers using an encrypted internet line.
New! Application Locker
If you have applications on your computer that you would like to keep only for yourself, or to restrict the access to those applications, the perfect solution for you is the Lock Applications function. Invisible Secrets will encrypt the application. When you want to run a locked application you need to provide the password. Invisible Secrets will decrypt the application and will allow you to run it. After the application is closed, Invisible Secrets re-encrypts it in the background. To quickly open the list of locked application you can define a hot-key, or use the tray menu.
Don
Logged
CISSP, MCSE, CSTA, Security+ SME
proudindian
Newbie
Offline
Posts: 32
Re: how it works???????
«
Reply #6 on:
February 02, 2008, 07:05:17 AM »
but I heared that we can hide messges behind the picture,but is this possible to hide any executable code behind the pic?
Logged
pseud0
Recruiters
Full Member
Offline
Posts: 208
Re: how it works???????
«
Reply #7 on:
February 02, 2008, 10:01:16 AM »
To be clear, you are going to be able to hide the actual data of an executable within a pic (the 1's and 0's) but it is no longer going to be an executable. The operating system has specific ways to identify any piece of data as being something it can execute, or if it is simply a piece of data that is going to be used by something else. As soon as you mask the executable file by running it though your stego program you are going to break that link as the OS will not be able to recognize it as being a program. Until someone on the other end pulls it back out of the stego file it won't be executable again. Even then, on some OS's you are going to have to do some work to get the file flagged as an executable again. For example, in *IX operating systems you might have to do a #>chmod +x to get it recognizable again. With all that being said, there are some special cases where you can make data files act a little like executables (think the windows .jpg hacks that were popular for awhile) but that doesn't seem to be what you're looking for.
Logged
CISSP, CISM, CISA, GCIH, GREM, CEH, HMFIC, KTHXBIROFLCOPTER
aldoelam
Newbie
Offline
Posts: 3
Re: how it works???????
«
Reply #8 on:
August 28, 2008, 02:01:13 AM »
Quote from: proudindian on February 02, 2008, 07:05:17 AM
but I heared that we can hide messges behind the picture,but is this possible to hide any executable code behind the pic?
No, you cannot hide an executable inside a picture using steganography. Steganography can only be used to hide text, and encrypted it.
If you want to hide an executable, use a "wrapper" instead.
Logged
oneeyedcarmen
Full Member
Offline
Posts: 233
Klaatu, Borada,Necktie?
Re: how it works???????
«
Reply #9 on:
August 29, 2008, 08:42:06 AM »
Quote from: aldoelam on August 28, 2008, 02:01:13 AM
Quote from: proudindian on February 02, 2008, 07:05:17 AM
but I heared that we can hide messges behind the picture,but is this possible to hide any executable code behind the pic?
No, you cannot hide an executable inside a picture using steganography. Steganography can only be used to hide text, and encrypted it.
If you want to hide an executable, use a "wrapper" instead.
Check out the
other thread about this topic
And with the GIFAR presentation at BlackHat by Nate McFeters, et al. you'll find that pictures combined with Java will do exactly what you just said cannot be done.
Quote from: Me
Apparently this garnered some attention at BlackHat this week. Rich Mogull gave a little
write up about it over on Securosis
, but I've been seeing a lot of others talking about it, too.
Logged
Reluctant CISSP, Certified ASS
Pages: [
1
]
Go Up
Print
« previous
next »
Jump to:
Please select a destination:
-----------------------------
EH-Net
-----------------------------
=> Calendar Of Events
===> ChicagoCon 2007
===> ChicagoCon 2008s
===> ChicagoCon 2008f
===> ChicagoCon 2009s
=> Ethical Hacktivism
=> News Items and General Discussion About EH-Net
===> Greetings
=> Special Events
-----------------------------
Ethical Hacking Discussions and Related Certifications
-----------------------------
=> General Certification
===> Networking
===> OS
===> Security
=> Compliance, Regulations & Standards
=> Control Systems
=> Cyber Warfare
=> Forensics
===> CCE / MCCE - (Master) Certified Computer Examiner
===> CHFI - Computer Hacking Forensic Investigator
===> EnCE - EnCase® Certified Examiner
===> GCFA - GIAC Certified Forensics Analyst
=> Hardware
=> Incident Response
===> CSIH - Computer Security Incident Handler
===> GCIH - GIAC Certified Incident Handler
=> Malware
===> Advisories
=> Mobile
=> Network Pen Testing
===> CEH - Certified Ethical Hacker
===> CPTC - Certified Penetration Testing Consultant
===> CPTE - Certified Penetration Testing Engineer
===> CSTA - Certified Security Testing Associate
===> eCPPT - eLearnSecurity Certified Professional Penetration Tester
===> ECSA - EC-Council Certified Security Analyst
===> GPEN - GIAC Certified Penetration Tester
===> OSCP - Offensive Security Certified Professional
=> Physical Security
=> Programming
=> Social Engineering
=> Web Applications
=> Wireless
===> CWNP Certs
===> GAWN - GIAC Assessing Wireless Networks
===> OSWP - Offensive Security Wireless Professional
=> Other
-----------------------------
Columns
-----------------------------
=> Editor-In-Chief
=> Andress
=> Gates
=> Haddix
=> Hadnagy
=> Heffner
=> Hoffman
=> Linn
=> RichM
=> Murray
=> J. Peltier
=> Weidman
=> Wilson
-----------------------------
Features
-----------------------------
=> /root
=> Book Reviews
=> Opinions
=> Skillz
===> Examples
===> May 06 - Star Hacks, Episode V: The Empire Hacks Back
===> July 06 - Hack Bill!
===> Sept 06 - Netcat in the Hat
===> Nov 06 - Hitch-Hackers Guide to the Galaxy
===> Dec 06 - A Christmas (Hacking) Story
===> Feb 07 - Charlottes Web Site
===> April 07 - Microsoft Office Space
===> June 07 - Serenity Hack
===> Oct 07 - Worst. Ethical. Hacker. Challenge. Ever.
===> Dec 07 - Frosty the Snow Crash
===> March 2008 - It Happened One Friday
===> Oct 2008 - Scooby Doo and the Crypto Caper
===> Dec 08 - Santa Claus Is Hacking to Town
===> Feb 2009 - Brady Bunch Boondoggle
===> July 2009 - Prison Break
===> October 2009 - SSHliders
===> December 2009 - Miracle on Thirty-Hack Street
===> December 2010 - The Nightmare Before Charlie Browns Christmas
-----------------------------
Resources
-----------------------------
=> Career Central
===> Looking For Work
===> Looking To Hire
=> Links to cool sites.
=> Mass Media
=> News from the Outside World
=> Tools
=> Tutorials
===> Tutorial Requests
Loading...
Exclusive Deal
SANSFIRE 2013
June 15 - 22
5% Off
w/ Code
:
EHN_5
SANS Deals 4 EH-Netters
5% OFF
Any
SANS Course
in Any Format!
Coupon Code:
EHN_5
Including
SANS Rocky Mountain 2013
&
SANS Boston 2013
Polls
Compared to this year, 2013 will be:
Great!
Better.
About the same.
Little worse.
FUBAR!
Recent Forum Topics
Network Pen Testing
: De-ICE 1.140 released!
(2) by
superkojiman
Programming
: Finished Python Course in Codecademy now what?
(12) by
3xban
Network Pen Testing
: AIX Vulnerability Assessments
(1) by
3xban
General Certification
: CPT Practical Submission
(1) by
UNIX
OSCP - Offensive Security Certified Professional
: Failed my first attempt at the OSCP exam
(94) by
azmatt
Tools
: Social-Engineer Toolkit (SET) Version 5.0 “The Wild West” Released
(2) by
m0wgli
Malware
: EICAR?
(3) by
UKSecurityGuy
Advisories
: HTB23154: Multiple Vulnerabilities in Exponent CMS
(0) by
AndyP
Advisories
: HTB23153: Multiple Vulnerabilities in Jojo CMS
(0) by
AndyP
Advisories
: HTB23151: Cross-Site Request Forgery (CSRF) in UMI.CMS
(0) by
AndyP
Tutorials
: Need guidance
(8) by
r0ckm4n
OSCP - Offensive Security Certified Professional
: Class Scheduled 6/8 - Linux n00b
(7) by
Taemyks
OSCP - Offensive Security Certified Professional
: OSCP exam scheduled
(6) by
gbhat
Incident Response
: LinkedIn Forensics
(0) by
AFENTIS_Forensics
General Certification
: Red Team/Blue Team
(1) by
ajohnson
Career Central
: Starter cert?
(3) by
Grendel
Network Pen Testing
: Beginner Ethical Hacker
(1) by
m0wgli
Web Applications
: Nessus and Nikto
(4) by
Seen
Network Pen Testing
: Cracking salted MD5 hash
(4) by
n37sh@rk
CEH - Certified Ethical Hacker
: Passed my C|EH
(3) by
n37sh@rk
Mass Media
: EC-council hacked, irony at his best?
(0) by
j0rDy
Web Applications
: SQL Injection into an INSERT statement.
(6) by
eyenit0
Network Pen Testing
: Solution for sipXtapi INVITE Message CSeq Field Header Remote Overflow
(1) by
m0wgli
Web Applications
: dns
(2) by
H1t M0nk3y
Other
: BSides Boston
(0) by
3xban
Career Central
: InfoSec in Central, FL
(2) by
tturner
Web Applications
: Web vulnerability scanner
(4) by
H1t M0nk3y
EH-Net News Feeds
Latest Additions
Privacy Notice
for TDCC & All Properties
© 2013 The Ethical Hacker Network
Joomla!
is Free Software released under the GNU/GPL License.