/tech/ - Technology★

>>1042057 (OP)

just tested it and it works

Someones discovered steganography. What will really boil your noodle is when you start realizing tons of images deploy this method on 8chan and it has been used for secret communications for years.

>>1042060

Please I Didn't need to know how bad things really are.

>>1042060

I think you can also hide messages using a text file to pretty much I just opened a command prompt and did this

Copy /b image.jpg + file hidden.jpg

>>1042063

I even created a batch file making it easier to do that

>>1042063

Theirs a lot of stupid shit you can hid in a image

>>1042063

Pardon my spelling and grammar i have a lot of issues

>>1042057 (OP)

Ive done this using videos to and i was able to do it Successfully

>Hey gaise, it's 2005 again!

>I'm excited about this stenanography that even moot managed to write a program to detect in 2006

>>1042060

Is this even steganography? It's akin to concatenating two files together.

>>1042089

No it's not steganography and is simply concatenating two files together (you're correct).

The easiest and simplest form of steganography is least significant bit encoding but that's not what this is.

I remember when you would be autobanned on halfchan for stapling an MP3 to a picture, way back in the days before GG. Before then, it was the way people would have "name that tune" threads with a bunch of "play this picture in winamp" images.

>>1042099

>The easiest and simplest form of steganography

Do you have any suggestions for materials to learn about other forms?

>>1042126

Just look up QR codes or even http://www.datagenetics.com/blog/november32013/

>>1042276

Will check those out. Thanks.

convert <input image> <output image>

Based and powerful

>>1042110

That came about from moot getting a Scientologist's dick up his ass over Anons doing the concat trick to spread the OT Documents.

Are there any scripts to detect embedded files in bulk? I have tons of images and I'm interested if there are any there.

>>1042057 (OP)

Coudln't even uplpoad 3mb image last few days then there's this? wtf

>>1042126

i made a video on a some software for windows that makes it pretty easy to do you just cant save files with it https://youtu.be/ZGlkjxCRwzc

>>1042478

what would you even do with a copy of 3.1?

>>1042484

install it in dosbox

>>1042486

i meant with the operating system its-self

>>1042484

i don't think you could get it to work with freedos a lot of people have tried

>>1042487

idk i did it cuz i could

>>1042489

did you virus scan it?

>>1042490

i did

>>1042491

but i was thinking. wouldn't it be really easy to tell which flies are hiding stuff just by how large they are

>>1042495

true im looking for some other sort of software to do it with i think openstago is better

>>1042498

i really thing the prospect is pointless because this method still requires you to put your cleverly hidden (thing) at the mercy of 120 autistic s

>>1042432

>I'm a cripple Windows user who doesn't have the IQ to recognize that it's a case of images looking like archive files to an unarchiver program.

>>1042057 (OP)

>Just open random file with winrar guys

https://www.zdnet.com/article/100-unique-exploits-and-counting-for-latest-winrar-security-bug/

>>1042527

>what is a hex editor

>what is GNU file or its alternatives.

>>1042527

yeah dont use winrar

>>1042527

Not to mention Winrar is a proprietary program

a decent programme splits a file among a couple of dozen image files, so they are all only slightly larger than average.

download them all and reconstitute the file

>>1042641

holy shit i didnt know it was that bad

>>1042660

remember the "post sinks mods are asleep" threads in 2007/2008 on 4chan?

Yea, filled to brim with CP

>>1042630

RAR is a proprietary algorithm.

>>1042500

>just open a couple thousand images one by one in search of an archive

Yeah, no thanks.

>>1042704

hey is a possibility you could have it on your pc and not even know it

>>1042704

until the feds break down your door

>>1042704

its kind of scary if you think about it but i wouldn't worry about it as long as you don't download random images off of an image board i think you should be fine but that goes with out saying

>>1042723

>as long as you don't download random images off of an image board

This is literally all i ever do.

>>1042728

lol

>>1042728

some one should lock this thread

cant you just batch convert the image to the same file format or different file format to shave off the excess data

>>1042768

>same file format

No as the data could just transfer over

>different file format

Usually this does the trick but some stengraphy methods use the individual pixels to transmit data and not the formatting of such. For those kinds of things you need to print out the image and blur it up a little with water then scan it back into your computer and wala, the image is clean now.

>>1042740

Why, are you annoyed someone might mention that images downloaded from major services like faceberg or twitter actually have CP embbedd in every single last image in secret so that the governments that make CP illegal can just arrest you without explanation for browsing goybook once? Well this is indeed a thing. But the algorithm to re assemble the CP is a closely guarded trade secret by intelligence agencies/mossad, who planted the CP in the first place being the faggots that they are.

>>1042057 (OP)

What if we hid temple OS virtualbox images inside images (pun) and put sekrit files in there? Anyone wanna try this?

>>1042527

>not using unrar linux

>>1042794

A whole new way to add an extra layer of work. Don't forget the big boy file size either

>>1042641

Remember "Mods are sleep, post sinks"?

>>1042693

Why are you even here if you're a windowsnigger? This is a tech board, leave.

>>1042057 (OP)

8chan started silently removing concatenated files a few months ago, I noticed it while doing it myself.

No matter how I download your pic it's 27kB.

>>1042704

Batch convert your images to another image format (or same image format, really); this should get rid of lumped data. You may also use lossy compression algorithm to remove data hidden in least significant bit of RGB triplets. Don't forget to discard EXIF and meta data.

Appending a file with copy is baby's first stego. Try embedding the file directly into the image data with something like steghide. Much much harder to detect and filter! 😹

>>1042795

Never heard of this 'unrar linux'.

>>1042794

I definitely think we should temple OS is the ultimate operating system

>>1042862

I am the original poster hand yes I are any swapped over to using steghide

>>1042917

What an interesting story you have there bro

>>1042917

I wonder if I could copy of the original New Zealand's shooters manifesto and hide it in an image

>>1042917

Fuck it know I can and I can use steghide to do it with

>>1042917

And after I've hidden the manifesto inside the image I shall upload it to appear to peer to peer distributed network good lick censoring that Bahaha

>>1042921

This has nothing to do with being an edgylord who can distribute the Christchurch /pol/tard's Manifesto in a way that ((they)) can't prevent, sorry.

>>1042926

This has nothing to do with being an edgylord who can distribute the Christchurch /pol/tard's Manifesto in a way that ((they)) can't prevent, sorry.

>>1042927

Oh I apologize about that

>>1042927

I got a little carried away

Moot must be watching me Because I think I'm minute after I made this post I was perma banned on 4chan

I got a feeling moot is watching meeeee oh I got no privacy

>>1042921

>>1042926

>>1042917

This is the memetic virus I kept telling /pol/ about.

It makes censorship impossible.

>>1042772

I already told my mum to purge my hdds if I die

>>1042856

Is there a way to mass detect attached data on images? I got like hundreds of millions of pictures, cleaned of meta data and archived with winrar. Could be interesting because they date back to the middle of the 90s.

>>1043004

>Is there a way to mass detect attached data on images?

Tough call. I'm only vaguely aware of this stuff, I'm not a pro on the topic. I think you'd have to suspect there's something weird going on and you'd have to guess how the data (and what type of data) has been hidden inside the file...

Assuming we're talking about two (or more) files lumped together, you could recognize clandestine data by guessing it's proper size, and compare to the actual size of the file; but that would be tricky since compression algorithms are involved.

You could also check for specific signatures within those files (for instance see if a "%PDF" string is present in a non-PDF file, or maybe more than one image header like "GIF89a", "PNG" or "JFIF").

Ultimately, you could brute-force your way through and attempt to decode full streams of data out of files (which is probably the way to go in this case)...

There are other techniques to hide the existence of the data, like the least significant bit explained earlier (which would be revealed if you isolated those bits into a black and white image; the result would be a very noisy canvas that bares no resemblance to the source picture, since those bits are completely unrelated to the actual colors that makes the image), or two-file masks (where you combine two images and the result is the hidden data).

Either way, we're talking steganography (which is the process of hiding the existence of a message), and not cryptography (which is the process of concealing the meaning of a message, not its existence). In short, you could have an encrypted lump hiding beneath a normal file and analyzing a whole stream wouldn't return a single thing, because you'd assume the information is clear.

If you want to retrieve the information, there are some brute-force data extraction tools designed for video games resources files that could be useful here, but that would still require doing it by hand I think.

If you want to get rid of the secret lumps, I would recommend the lazy way out, such as using a batch image editing program like irfan, acdsee, xnview or whatever: select all and convert to a proper image file (which would discard all extra data - be careful not to convert image types to different images formats that do not support specific features, like transparency or animations).

That's all I have.

>>1042066

How do you split them after, tho?

>he didn't recompress all his images as flif

ha, retards

>>1043004

Ever thought about making and distributing copies of such a fantastic collection?

>>1043268

Bumping this question.

Damn. I saw a good presentation from some hacker con on just this subject a few years ago. It was on non cryptographic means of hiding data from law enforcement. It also mentioned soldering flash memory directly to the USB hub on the Mobo, because it's not often they do a thourough physical inspection. I can't find the damn talk on YouTube now. I remember it was given by some skinny dude that was drinking beer during the whole talk and was fairly drunk by the end. I don't remember what con it was, though.

>>1042057 (OP)

I tried this yesterday and it worked, but now all I'm getting is a 30 KB image. Did it get purged or something?

>>1047437

Images get stripped after a while on infinitychan. Like exif and non-image data.

How the fuck do you hide files in jpgs? That's the bullshit. Why is it even possible to do so?

>>1042060

It’s not exactly steganography, it’s a polyglot file.

>>1048316

It's easy and how do you think a viruses are spread People hide shit in images all the time Why do you think your email client tries to block remote content such as images by default

>>1048432

>Why do you think your email client tries to block remote content such as images by default

>remote content

privacy

>html

security

Viruses spread through buffer overflows and shit like that, that's not what OP did which is hide a file in a legit image that actually renders and can apparently also be opened with .rar software.

>>1048436

that remote content could be something that exploits a vulnerability in the image libraries. some of those get updates almost every day because theres always some bug in them.

>>1042856

Sigh... another piece random piece of shitware I have to write.

>>1048547

depends. the typical phone poster image is 2-6mb and you can put lots of data in there. text documents pictures and similar things..

>>1048554

or anything if you put it in a compressed file thats splitted in multiple parts like they do on usenet

>>1042527

On that note, what is a good Winbloats archiver? I'm currently using PeaZip, don't know if it's any good comparatively to others.

>>1042616

Pretty cool mate, I was wondering if it would be any fun putting the Chinese copypasta in lewds to get them off the site.

>>1042985

I was thinking more about the possibilities that it opens to file sharing and organizing meet ups and ARGs but yeah, that's also true.

>>1048554

I keep forgetting there's people who browse imageboards via their smartphones. I feel so retarded asking these questions.

>>1048559

Would putting the Chinese copypasta in the images work? Would the censorship algorithms be able to pick up on the hidden text?

>>1042110

that brings me back, damn I forgot about this.

>>1048637

password?

>>1048628

I am not a faggot it so I am not going to that

>>1048654

There is no password just drop it into winrar

>>1042057 (OP)

No one wants old Windows 3.1 as we have free Linux and BSD.

>>1048637

Archive format not recognized. I don't use wangblows.

>>1042924

Use Tomb instead, anon.

>>1048436

>>1048439

if you open the the image with the embedded malware in a image viewer the malware wont execute

open the image in a browser with js malware, that will work

is there a work around for the first point?

>>1048940

There are people who like to experience what was there in the past. In this age it's more like a toy rather than something that people would use for their daily computing.

>>1048436

You could execute code this way though. Like the well-known winrar security flaws.

It's not even too different from a buffer overflow actually. You have that void zone somewhere in a file and half of the programs reading the file don't have behaviour defined for when they encounter it.

>>1049052

if it contains something that is targeting a vulnerability in the image library then it will work in the image viewer

>>1049855

>>1049977

Indeed. Which is why you don't open internet files on your admin account.

>>1048316

Bumping this question.

I learned to embed in bmp files, but i m too stupid to do it in jpg REEEEEEEE

>>1059716

>tfw using linux

>tfw it doesn't work

>>1059793

Worked the last time I tried it but that was on Windoze. Maybe the data was stripped by 8chan along with the metadata

>>1059861

Don't worry. If FBI knocks at your door you can lure them away with your autistic screeches.

>>1059906

That's the plan anyways.

>>1059716

ERROR: open_this_with_7zip.gif : Can not open the file as archive

>>1060012

brainlet

>>1042057 (OP)

someone else please confirm that data has been stripped from the file

>>1060031

You downloaded the wrong image nigger.

The uploaded gif says it is 7.61Mb, your output says your file is 854Kb.

>>1042704

just write a script to batch convert all images in your download folder to the same format, effectively removing any hidden content

>>1059861

jewgle default compresses images

file will not be same

>>1042057 (OP)

tech tip! Try opening the image in 7zip! it'll show you the file in the catalog!

>>1060008

not working for me

>ERROR: Cia.jpg : You don't get to bring friends

>>1060132

Laws are laws. If you believe that certain laws are immoral, then it is your job to convince society that it should be repealed.

>>1060137

I had to download it 4 times to keep Firefox from stopping after the jpg had been read. It's a pain in the ass, but it's probably your browser's fault. It makes APNG a bitch, too.

>>1060132

>Who cares?

You'll care when the feds come busting down your door. Some abstract protest about free speech isn't worth getting your asshole enlarged by Jamaal, especially since kids aren't attractive and porn isn't speech in the first place.

>>1060137

No nigger you can't into /tech/ and should be in >>>/g/.

Even if you were downloading properly and got that file then you've obviously got some weird inbound (VPN?Firewall?) image compression settings.

Ask someone for a file hash or how to use wget, I've wasted enough time on your ineptitude.

>>1060138

>>1060167

Different anon here.

Nigger, you're the one who should be on >>>/g/.

Many images in the thread, including the one in the op got stripped. You downloaded the image before it was stripped by 8chan and it got cached by your browser.

I downloaded both image links using wget on my personal machine and 2 VPS's on completely different networks. All times 874KB. The image has been stripped by 8chan. Or maybe you think that 874KB is a normal size for a thumbnail?

>>1047437

>>1047444

Curiously >>1048637 still works for me

>>1042432

7zip

>>1042807

based anon

>>1060264

$ unzip -t urafag.png
Archive:  urafag.png
warning [urafag.png]:  416302 extra bytes at beginning or within zipfile
  (attempting to process anyway)
    testing: 1556220032785-2.jpg      OK
    testing: chloewtf2.png            OK
No errors detected in compressed data of urafag.png.

>>1060265

$ unzip urafag.png
Archive:  urafag.png
warning [urafag.png]:  416302 extra bytes at beginning or within zipfile
  (attempting to process anyway)
  inflating: 1556220032785-2.jpg     
 extracting: chloewtf2.png    

sorry - you use the -t to file-check, unzip just to unzip

I think one of the problems is that everyone is using a different stego method

>>1060234

>Many images in the thread, including the one in the op got stripped

Images don't get stripped. You're downloading the wrong image. You're a faggot. Go away. I told you how you could confirm your suspicions you'll only prove yourself to be a faggot because you'll prove they've not been stripped and you still didn't use it - because you're a faggot nigger who can't into tech. The fact that others agree with you confirms you cuckchan rejects are bringing down the quality of this board.

Your internet access is sharded btw. You have no idea what that means or how to circumvent it, and keep refusing to prove it to yourself.

>>1060234

>Many images in the thread, including the one in the op got stripped.

$ls -l /tmp/zcat.jpg 
-rw-r--r-- 1 anon anon 10864390 Apr 29 09:59 /tmp/zcat.jpg
$sha512sum /tmp/zcat.jpg 
3767f23137a53f99ae080db899cbe817faf87d2a6179f6d764038d29d4efb31054a00c03e97ca0eb2f322e4ac1e66a11bd5fc6c3a7e5584b13fb195c7d4c088c  /tmp/zcat.jpg
$7z l /tmp/zcat.jpg 
.
.
.
Scanning the drive for archives:
1 file, 10864390 bytes (11 MiB)

Listing archive: /tmp/zcat.jpg

--
Path = /tmp/zcat.jpg
Type = zip
Offset = 28137
Physical Size = 10836253

   Date      Time    Attr         Size   Compressed  Name
------------------- ----- ------------ ------------  ------------------------
2014-11-18 00:34:47 .....        17978        17616  386MAX.VX_
2014-11-18 00:34:47 .....         1035         1035  40291730.WP_
2014-11-18 00:34:47 .....         1627         1627  40293930.WP_
2014-11-18 00:34:47 .....        44018        42962  8514.DR_
2014-11-18 00:34:47 .....         3174         3068  8514FIX.FO_
.
.
.

You will find the hash of your download of OP's image different - because you don't know how to download or are a baiting /g/lownigger

>>>/g/ is more to your taste

>>1042058

how?

I have it dl'd and unzipped

>>1060291

>Save Link As

Wouldn't "save image as" be the best option for downloading since it specifies "image"?

>>1060301

no. the saving options don't change the bytes in the file. both accomplish the exact same thing: a stream of bytes sent to your computer.

>>1060291

What link did you use?

$ wget https://media.8ch.net/file_store/c978fc3704638e6e307e70d8750a1e83b15a3c28366622f3cc06bc331afa2563.jpg https://media.8ch.net/file_store/c978fc3704638e6e307e70d8750a1e83b15a3c28366622f3cc06bc331afa2563.jpg/zcat.jpg https://media.8ch.net/file_dl/c978fc3704638e6e307e70d8750a1e83b15a3c28366622f3cc06bc331afa2563.jpg https://media.8ch.net/file_dl/c978fc3704638e6e307e70d8750a1e83b15a3c28366622f3cc06bc331afa2563.jpg/zcat.jpg
--2019-04-30 21:07:07--  https://media.8ch.net/file_store/c978fc3704638e6e307e70d8750a1e83b15a3c28366622f3cc06bc331afa2563.jpg
Resolving media.8ch.net (media.8ch.net)... 104.18.104.234, 104.18.105.234
Connecting to media.8ch.net (media.8ch.net)|104.18.104.234|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 27773 (27K) [image/jpeg]
Saving to: ‘c978fc3704638e6e307e70d8750a1e83b15a3c28366622f3cc06bc331afa2563.jpg’

c978fc3704638e6e307e70d8750a1e83b15a3c28366622f3cc06bc331af 100%[========================================================================================================================================>]  27.12K  --.-KB/s    in 0.007s

2019-04-30 21:07:08 (3.88 MB/s) - ‘c978fc3704638e6e307e70d8750a1e83b15a3c28366622f3cc06bc331afa2563.jpg’ saved [27773/27773]

--2019-04-30 21:07:08--  https://media.8ch.net/file_store/c978fc3704638e6e307e70d8750a1e83b15a3c28366622f3cc06bc331afa2563.jpg/zcat.jpg
Reusing existing connection to media.8ch.net:443.
HTTP request sent, awaiting response... 200 OK
Length: 27773 (27K) [image/jpeg]
Saving to: ‘zcat.jpg’

zcat.jpg                                                    100%[========================================================================================================================================>]  27.12K  --.-KB/s    in 0.005s

2019-04-30 21:07:08 (5.49 MB/s) - ‘zcat.jpg’ saved [27773/27773]

--2019-04-30 21:07:08--  https://media.8ch.net/file_dl/c978fc3704638e6e307e70d8750a1e83b15a3c28366622f3cc06bc331afa2563.jpg
Reusing existing connection to media.8ch.net:443.
HTTP request sent, awaiting response... 200 OK
Length: 29707 (29K) [image/jpeg]
Saving to: ‘c978fc3704638e6e307e70d8750a1e83b15a3c28366622f3cc06bc331afa2563.jpg.1’

c978fc3704638e6e307e70d8750a1e83b15a3c28366622f3cc06bc331af 100%[========================================================================================================================================>]  29.01K  --.-KB/s    in 0.005s

2019-04-30 21:07:08 (5.58 MB/s) - ‘c978fc3704638e6e307e70d8750a1e83b15a3c28366622f3cc06bc331afa2563.jpg.1’ saved [29707/29707]

--2019-04-30 21:07:08--  https://media.8ch.net/file_dl/c978fc3704638e6e307e70d8750a1e83b15a3c28366622f3cc06bc331afa2563.jpg/zcat.jpg
Reusing existing connection to media.8ch.net:443.
HTTP request sent, awaiting response... 200 OK
Length: 29707 (29K) [image/jpeg]
Saving to: ‘zcat.jpg.1’

zcat.jpg.1                                                  100%[========================================================================================================================================>]  29.01K  --.-KB/s    in 0.004s

2019-04-30 21:07:08 (7.38 MB/s) - ‘zcat.jpg.1’ saved [29707/29707]

FINISHED --2019-04-30 21:07:08--
Total wall clock time: 0.7s
Downloaded: 4 files, 112K in 0.02s (5.33 MB/s)

>>1060335

>>1060481

>>1060301

There are 4 images you can download for every 1 image an anon posts. Each of these 4 can be accessed in 3 different ways.

Depending on the method and image you choose you'll get a different version. Only 1 of the 12 possible was confirmed to give the original file the anon uploaded (same hash).

have fun

>>1042685

those threads were a 2013/14 thing you piece of shit "wannabe" somebody

>>1060481

i clicked the link that has the original file name. the others probably wont work and idk if wget suffers from cloudflare faggotry on all of them.

>>1042057 (OP)

Your image requires a password according to steghide

>>1061125

Oh, I see what you did. You just embeded it, but it is not stereognorphy.

>>1061124

>stenography

There is no shorthand in your message.

If you said steganography I might have bothered.