Mesaje ascunse in imagini -> Steganografie


Autor: John Cohen



Am dorit sa scriu un articol despre steganografie, deoarece hackeri rusi, printr-o astfel de metoda, au reusit sa penetreze routerele cetatenilor americani, precum si dispozitivele altor institutii de peste ocean, trimitand poze de Instagram, care aveau cod secret de updatare/upgrade/inchidere a malware-ului instalat in diferite device-uri necinstite (rogue device). Pentru mine steganografia înseamnă literalmente o suprascriere. Procesul intai comprima informatia pe care vrei sa o ascunzi, o cripteaza folosind o parola pe care utilizatorul o ofera, pentru a ascunde mesajul in pixeli imaginei. Rezultatul acestui proces este un fișier inofensiv (fișierul stego), care conține un mesaj secret. Mesajul in sine poate fi extras, doar folosind acelasi program, care l-a si creat. <br><br> <img src="https://preview.ibb.co/dODx0A/Screenshot-2018-11-11-at-21-25-46.png" alt="Screenshot-2018-11-11-at-21-25-46" border="0" class="img-fluid"> Conform WIkipedia, Steganografia este <i>"practica de a ascunde un fișier, un mesaj, o imagine sau un videoclip într-un alt fișier, mesaj, imagine sau video. Cuvantul steganografie combina cuvantul grecesc <strong > steganos (στεγανός)</strong>, adica "acoperit, ascuns sau protejat", iar <strong>graphein (γράφειν) </strong>inseamna "scris". Avantajul steganografiei asupra criptografiei este că mesajul secret destinat nu atrage atenția asupra ei însuși ca obiect de control. Mesajele criptate vizibile, indiferent de cât de neîntemeiate sunt acestea, trezesc interes și pot în sine să fie incriminatoare în țări în care criptarea este ilegală. <br><br> <img src="https://preview.ibb.co/f0fzDV/Screenshot-2018-11-11-at-21-26-05.png" alt="Screenshot-2018-11-11-at-21-26-05" border="0" class="img-fluid"> <br><br> În timp ce criptografia este practica protecției doar a mesajului, steganografia are în vedere ascunderea faptului că este trimis un mesaj secret, precum și ascunderea conținutului mesajului. <br><br> <img src="https://preview.ibb.co/kxVMSq/Screenshot-2018-11-11-at-21-26-20.png" alt="Screenshot-2018-11-11-at-21-26-20" border="0" class="img-fluid"> <br><br> Steganografia include ascunderea informațiilor în fișierele computerului. În steganografia digitală, comunicațiile electronice pot include codificarea steganografică în interiorul unui strat de transport, cum ar fi un fișier de document, un fișier imagine, un program sau un protocol. Fișierele media sunt ideale pentru transmisiile steganografice datorită dimensiunilor lor mari. De exemplu, un expeditor ar putea să înceapă cu un fișier de imagine inofensiv și să ajusteze culoarea fiecărui pixel pentru a corespunde unei litere din alfabet. Schimbarea este atât de subtilă încât este puțin probabil ca cineva care nu o caută în mod specific să vadă schimbarea."</i> <br><br> <h4>Utilizare</h4> <br> In Kali Linux, intai trebuie sa instalati programelul tastand sudo apt-get install steghide Dupa ce l-ati instalat trebuie sa introduceti textul, in cazul nostru din `pi.txt` in poza `dog.jpeg` mentionand faptul ca am pus parola ==>`parola` == `steghide embed -ef '/root/Desktop/pi.txt' -cf '/root/Desktop/dog.jpeg' -p parola`. Din ce se poate vedea in video-ul de mai jos, practic poza ramane la fel pentru ochiul uman. Ca textul inserat sa ramana la fel, atunci cand se trimite poza, ea nu trebuie comprimata, fiindca se va altera textul din poza. Dupa ce a primit documentul codificat, receptorul trebuie sa scoata textul din acea poza, folosind comanda `steghide extract -sf '/root/Desktop/dog.jpeg' -p parola -xf '/root/Desktop/secrets.txt'` Dupa ce ati dobandit acest bagaj informational, as dori sa ganditi, ca unii posteaza genul acesta de mesaje pe site-urile de Social Media pentru a tine legatura cu oameni rau intentionati! Urmatoarea data cand veti da un like la o poza, ganditi-va ca poate, in acea poza este un ordin pentru o misiune! Casele de discuri inglobeaza mesaje de copyright prin steganografie in piesele, pe care le posteaza pe site-uri, iar tot prin steganografie, Youtube-ul stie atunci cand o persoana foloseste o melodie in videoclipul sau, fara a avea dreptul de utilizare a ei. <br><br> <div class="embed-responsive embed-responsive-16by9"> <iframe class="embed-responsive-item" src="https://www.youtube.com/embed/-1PrThRQH58" frameborder="0" allow="accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe> </div> <br><br>


COHEN INVESTIGATIONS AGENCY SRL
Ilfov, Romania
Telefon: 0771.060.860.    
Site: www.cohen.ro 
Email: [email protected]

#detectivparticular #pi #romania #bucuresti #investigatii #it #cybersecurity #detectiv #detectivi #politia #police #inselaciuni #verificari #siguranta #incredere #iubit #iubita #iubire #security #homeprotection #protection #tscm #facialrecognition #recunoasterefaciala #soft #phishing #scams #chatboot #pi #robot #malitious #html #car #carrecognition #bucharest #bucuresti #nato #wearenato #heroku #development #nato #security #cybersecurity #wireless #pentestings #penetrationtesting #personrecognition #indivizi #recunoasterepersoane #video #searex #privatesearch #internet

Pictures Copyright Pozele acestui articol au fost luate de pe site-ul www.pexels.com, site care ofera gratis spre uz personal si comercial aceste poze. --- [All photos on Pexels can be used for free for commercial and noncommercial use](https://www.pexels.com/photo-license)

Disclaimer

Any actions and or activities related to the material contained within this Website is solely your responsibility.The misuse of the information in this website can result in criminal charges brought against the persons in question. The authors and Our Company will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law.

This site contains materials that can be potentially damaging or dangerous. If you do not fully understand something on this site, then GO OUT OF HERE! Refer to the laws in your province/country before accessing, using,or in any other way utilizing these materials.These materials are for educational and research purposes only! Do not attempt to violate the law with anything contained here. If this is your intention, then LEAVE NOW! Neither administration of this server, the authors of this material, or anyone else affiliated in any way, is going to accept responsibility for your actions. Neither the creator nor Our Company is responsible for the comments posted on this website.

Any linked sites are not under the control of author or Our Company and the author or Our Company is not responsible for the contents of any linked site or any link contained in a linked site, or any changes or updates to such sites. We are providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement by us.

In any site as large as ours that deals with so many controversial topics and skills, it has become necessary to address a few incidents and implement a user terms and services agreement. We want to provide a free, safe and legal training environment to the users of this site.


Our Aim

Our Company : This website will help you gain entry into the minds of seasoned computer criminals, so that you can forestall their attempts and you will be hence well equipped to detect the ways in which hackers can infiltrate your system.

Your usage of this website constitutes your agreement to the following terms.

  1. All the information provided on this site are for educational purposes only. The site is no way responsible for any misuse of the information.
  2. Our Company is a site related to Private Investigation and not a site that promotes hacking /cracking / software piracy.
  3. This site is totally meant for providing information on "Private Investigation", “Computer Security”, “Computer Programming” and other related topics and is no way related towards the terms “CRACKING” or“HACKING” (Unethical).
  4. Few articles (posts) on this site may contain the information related to “Hacking Passwords” or“Hacking Email Accounts” (Or Similar terms). These are not the GUIDES of Hacking. They only provide information about the legal ways of retrieving the passwords. You shall not misuse the information to gain unauthorised access. However you may try out these hacks on your own computer at your own risk. Performing these attempts (without permission) on computers that you do not own is illegal.
  5. The virus creation section on this site provides demonstration on coding simple viruses using high level programming languages. These viruses are simple ones and cause no serious damage to the computer. However we strongly insist that these information shall only be used to expand programming knowledge and not for causing malicious attacks.
  6. All the information on this site are meant for developing Defense attitude among the users and help preventing the hack attacks. Our Company insists that these information shall not be used for causing any kind of damage directly or indirectly. However you may try these codes on your own computer at your own risk.
  7. The word “Hack” or “Hacking” that is used on this site shall be regarded as “Ethical Hack” or “Ethical Hacking” respectively.
  8. We believe only in White Hat Hacking. On the other hand we condemn Black Hat Hacking.
  9. Some of the tricks provided by us may no longer work due to fixture in the bugs that enabled the exploits. We are not responsible for any direct or indirect damage caused due to the usage of the hacks provided on this site.
  10. We reserve the right to modify the Disclaimer at any time without notice.
  11. We are not the vendors of any products (software, books etc.) that we recommend on our website in the PRODUCTS section and other selected posts/articles. Hence we do not have any liability related to the products recommend by us. It is the responsibility of the buyers to contact the respective vendors for any queries related to the products.