Advanced Steganography
Anonymity Academy

Fravia's STEGANOGRAPHY
ADVANCED PLATFORM

OK, you found it sunny boy
Updated September 1998

Advanced readings
How to (try to) see some light through steganographical smoke
~ approaches ~ hints ~ tricks ~ links ~

Courtesy of Fravia's page of reverse engineering
Well, I have received so many questions about steganography that it was about time I gave some 'cracker' answers. What I mean is: you'll be able to find many (good) pages about steganography on the web, yet I don't believe you'll find many good pages about steganographical CRACKING.
And the aim of this page is exactly that: to teach you how to hide and how to un-hide information. You already had to perform some relatively easy steganographical cracking in order to get here (else you are either one of the administrators of my servers (Hi Sharp! Hi Camilo! Hi Tony!), or a friend with the keys (Hi +gthorne!), or an idiot who has received this URL from somebody more able and is wasting his time and mine). Yet landing here, as you will see, is only the beginning of a very long trip! In this page we will see how you can crack ALL currently used steganographical programs.
Let's first of all have a look at how zeezee, +ReZiDeNt and all the others have cracked the 'Andromeda' pictures... Clearly each one of you coming here should mail me a short (although interesting and 'crackling') essay, explaining how HE found the right path... You learn, you teach: you teach, you learn!


The approaches

+ReZiDeNt's approach

zeezee's approach

caprine's approach

Massimiliano's approach and his anticontraband proggy

Fabian Hansmann's short essay

Sanity_sync's anticontraband c code
("programs i wrote that help crack contrab stegged texts")

Caprine's short answer to Jean Flynn
("Let's work together")
12 February 1998

Joe Peschel's Steganos, The Duke of Earl, and The Dancing Men __NEW__
("Cracking the T_tamra7.bmp")
04 March 1998

Edi's work
("I had to reverse engineer steganos again, on my own")
26 March 1998

Caprine's beautiful story A great dragon known as Steganos
(Steganos Key Relief (Reducing the key search burden))
22 April 1998

Gary Benson's Unconventional Access: My way into the Advanced Steganography pages
(Steganos Key Relief (Reducing the key search burden))
23 September 1998

The Tricks


The HackLab's Steganography Thumbprinting __NEW__
("methods of detection")
18 March 1998


We will begin with +ReZiDeNt's approach:


A lazy brute force approach to cracking the 'Andromeda' picture, by +ReZiDeNt



OK, here is how I retrieved the text file hidden inside the stegonated Andromeda picture (outfile.gif) on Fravia's+ very interesting page about steganography.

Firstly, I downloaded Hide and Seek 4.1, and took a look at it. Fravia+ had already told us that the code we needed was four digits long - so I first tried a few 'common' combinations (e.g. '1984', '1997', '2001', '2010' etc.) - this didn't find it, so I knew I would have to try another approach: I decided to 'brute force' the number. In other words, I would try every single combination of four digits until I found the right one. Using four digits there are 10,000 possible combinations, so typing these all in would be long and tedious to say the least.

Obviously, I would need to make a program (in C of course, the only 'real' language IMHO) to do this for me, and automate the typing in of the different codes. All I would need to do is make a program that passes the SEEK.EXE program a code, and then checks to see whether it has successfully extracted the hidden file.

So I first tried to look at the Hide and Seek source code and see if I could edit it a bit, to change some things I didn't like (I didn't like the 'press any key' prompt that it showed you before attempting to extract the hidden file, and I wanted to stop it from showing the image as it worked). However, the program uses a commercial graphics library and although I tried to edit those out it didn't work.

Oh well, let's crack it instead! So I did - I used SoftICE and set a breakpoint on INT21 - sure enough, SoftICE snapped just before the 'press any key' message - I just had to nop the INT call out and that took care of that problem. I decided not to bother getting rid of the image display, so I was now ready to make the simple C program.

The C source is shown below (I compiled this with Borland C 4.5, but it should work with any ANSI C compiler):
    /* START findit.c */
    #include <stdio.h>
    #include <ctype.h>
    #include <stdlib.h>

    FILE *fp;

    int main(void)
    {
        int code = 0;       /* starting value for the code */
        int found = 0;
        char cline[80];     /* this will store the command line */

        /* note: a found.txt left over from an earlier run would be taken
           for a hit on the very first code, so delete it before starting */
        while (!found && (code <= 9999)) {
            /* the below line creates the command line */
            sprintf(cline, "seek.exe outfile.gif found.txt %.4d", code);
            code++;             /* generate the next code */
            system(cline);      /* now execute the command line */

            /* the line below checks to see if we have found anything */
            fp = fopen("found.txt", "r");
            if (!fp) {
                found = 0;
            } else {
                /* if we have found the hidden file, save the */
                /* code in key.txt for future reference       */
                found = 1;
                fclose(fp);
                fp = fopen("key.txt", "w");
                if (fp) {
                    fputs(cline, fp);
                    fclose(fp);
                }
            }
        }
        return 0;
    }
    /* END findit.c */





On my Cyrix P166+ with 16MB RAM (under Windows 95) this took about half an hour to forty-five minutes to find the hidden file, running the program as a foreground task. It took slightly less than one second per iteration (i.e. it took less than a second to test each code), so the maximum time it would have taken (in minutes) is:

10000 / 60, about 166 minutes, nearly three hours.

The above program is very simple, starting from 0 and going up to 9999. In all but the simplest cases, you would probably have two counters, one starting at 0 (counting up) and one at 9999 (counting down), to speed things up. I'm not going to tell you how long it took me to find the code, because that would enable you to cheat and make a guess :

Anyway, I found that to be good fun and a very worthwhile evening's entertainment. :-)

Good Hunting,

+ReZiDeNt

---------------------------------------------------------------------

Cya,

+ReZiDeNt


We will continue with zeezee's approach:

hi, Fravia+

Thanks for the Christmas puzzle with Andromeda! Nice picture, btw.

The working codes (.BMP version) are: 0995, 4575 and 8155.

It was a simple but enjoyable "source code reversing".

My way of thinking was (assuming p0/1/2/3 are password digits):

1. Goal: Searching for: BlkSize, Offset and XOR all made from p0/1/2/3.
   Algorithms are near the end of .C file
2. Opened .C source in notepad
3. Created .DIF file between two .BMP files using fc
4. Bytes differ from offset 003F to 150B i.e. min. during 5324 bytes
5. Divided 5324 by 587 to compute BlkSize. It's 9.
6. Blksize is 8 + p1 % 4. So
     p1 may be 1, 5 or 9
7. To determine Offset I checked various p0 values to get 537 bytes long
   outfile. So I determined that p0 + p1 = 1.
     Possible combinations are:
     09..
     45..
     81..
   Then I tried to decode using password 4555 creating a file 4555.txt
8. Assuming that there is a 'http://' phrase repeating in the text I determined
   that near start of file (offset 1,2) are identical bytes. Let's assume
   they should be 't'.
9. Determined XOR between 'ist' and 'soll' and computed existing mask
   Mask for 4555 is CF.
   Should be E3.
   So one of the codewords is 4575.
   Works!
10. Created two additional codewords so that XOR is E3.
11. Checked the files mentioned in the file.
    Most of them have been on my HD for a long time, one gives 404.
12. Mailed to Fravia+.

Merry xmas and many good cracks in New Year!

zeezee
We will continue with caprine's approach:

Dear Fravia,

Although I have spent many hours learning from and enjoying your pages, I admit this is the first time I have taken the time to bestow my humble "thank you" for the passion you have for teaching 'KNOWLEDGE' (but you probably get too much email anyway).

A quick observation about 'contraband':

After reviewing the source, and with your hint of the 587 byte file size and a little file probing, one can quickly determine that the 'offset' = 9.

    Offset=((PIN[0]-'0')+(PIN[1]-'0'))%11;

Therefore, the PIN 0 & 1 combinations can be '09', '18', '27', '36', '45', '54', '63', '72', '81', or '90' (down to 1000 possibilities already).

A quick FC -b Androm.bmp _ndrom.bmp (we all remember those nice little DOS tools don't we) tells us the last modified byte is at offset 5387.
block size (high probability) = (5387-96)/587 = 9

    BlockSize=8+(PIN[1]-'0')%4;

That means PIN[1] = '1', '5', or '9'.
Now the valid PIN 01 combos are '09', '45', or '81'.

Now I got a little lazy. I extracted 3 files using passwords '0900', '4500', and '8100'. Now a quick little program to read each file and xor all characters with 0 thru 255 and display. To my surprise, all 3 files decoded your file. That means (in this case) there are 3 valid passwords:
'0995', '4575' (yours), and '8155'.

Well, anyway, it surprised me and I thought I would mention it. So if this is common knowledge, or you really don't care, just write this off as someone who doesn't have anything better to do.

Got to go look for the 'advanced steganography' pages now. Thanks again.
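Both zeezee's and caprine's letters turn on the same weakness: the offset and block size that contraband uses are computed from only the first two PIN digits, so an observer who can diff the carrier against the original recovers those two parameters and with them most of the key. The program below is an added example (not contraband's code and not from either letter) that carries that reasoning through: it takes the two formulas exactly as caprine quotes them, caprine's observed numbers (last modified byte at 5387, 96 untouched header bytes, 587-byte hidden file) and the offset 9 caprine found by probing, enumerates every two-digit prefix consistent with those observations, and counts how many of the 10,000 PINs survive. It also goes one step further than the letters and counts how many distinct (offset, block size) pairs exist at all, which is the real size of the key material those two parameters leak. The header length of 96 and the assumption that the last two digits are unconstrained by these formulas are taken from caprine's text.

```c
/* Key-space reduction for a contraband-style PIN schedule.
 * Added example, not contraband's own code. The two *_from_pin formulas
 * are copied from caprine's letter; everything else is this example's. */
#include <stdio.h>
#include <string.h>

#define PIN_LEN 4

/* Offset derived from the PIN, as quoted in caprine's letter. */
int contraband_offset(const char *pin) {
    return ((pin[0] - '0') + (pin[1] - '0')) % 11;
}

/* Block size derived from the PIN, as quoted in caprine's letter. */
int contraband_blocksize(const char *pin) {
    return 8 + (pin[1] - '0') % 4;
}

/* caprine's estimate: bytes the tool touched, divided by payload length.
 * header_len is the untouched leading part of the carrier (96 in the letter). */
int infer_blocksize(long last_modified_offset, long header_len, long payload_len) {
    if (payload_len <= 0) return -1;
    return (int)((last_modified_offset - header_len) / payload_len);
}

/* Enumerate the two-digit prefixes p0p1 consistent with an observed
 * (offset, blocksize). out[] receives NUL-terminated 2-char strings,
 * in ascending order. Returns the number of matches (0..100). */
int candidate_prefixes(int offset, int blocksize, char out[100][3]) {
    int n = 0;
    for (int p0 = 0; p0 <= 9; p0++) {
        for (int p1 = 0; p1 <= 9; p1++) {
            /* the last two digits do not enter either formula; use "00" */
            char pin[PIN_LEN + 1] = { (char)('0' + p0), (char)('0' + p1), '0', '0', '\0' };
            if (contraband_offset(pin) == offset && contraband_blocksize(pin) == blocksize) {
                out[n][0] = pin[0];
                out[n][1] = pin[1];
                out[n][2] = '\0';
                n++;
            }
        }
    }
    return n;
}

/* PINs still possible once offset and block size are known: each
 * surviving prefix keeps all 100 suffixes, since p2/p3 are unconstrained. */
int remaining_keyspace(int offset, int blocksize) {
    char tmp[100][3];
    return candidate_prefixes(offset, blocksize, tmp) * 100;
}

/* How many distinct (offset, blocksize) pairs the 100 prefixes map to.
 * offset ranges 0..10, blocksize 8..11, so at most 44 classes exist. */
int distinct_parameter_classes(void) {
    int seen[11][4] = { { 0 } };
    int classes = 0;
    for (int p0 = 0; p0 <= 9; p0++) {
        for (int p1 = 0; p1 <= 9; p1++) {
            char pin[PIN_LEN + 1] = { (char)('0' + p0), (char)('0' + p1), '0', '0', '\0' };
            int o = contraband_offset(pin);
            int b = contraband_blocksize(pin) - 8;
            if (!seen[o][b]) {
                seen[o][b] = 1;
                classes++;
            }
        }
    }
    return classes;
}

int main(void) {
    /* caprine's observations: last modified byte 5387, 96-byte header,
     * 587-byte hidden file, offset 9 found by probing. */
    int bs = infer_blocksize(5387, 96, 587);
    int off = 9;
    char cands[100][3];
    int n = candidate_prefixes(off, bs, cands);

    printf("inferred block size: %d\n", bs);
    printf("prefixes consistent with offset %d, block size %d:", off, bs);
    for (int i = 0; i < n; i++) printf(" %s", cands[i]);
    printf("\nremaining PINs: %d of 10000\n", remaining_keyspace(off, bs));
    printf("distinct (offset, block size) classes over all prefixes: %d\n",
           distinct_parameter_classes());
    return 0;
}
```

Run on caprine's numbers it reports the same three prefixes the letter lists (09, 45, 81) and a residual key space of 300 PINs; the class count shows that the first two digits, nominally 100 values, contribute only 44 distinguishable parameter settings, which is why a diff of carrier against original is enough to discard 97% of the key before any decryption is attempted. The defensive lesson is the general one: cipher parameters that are simple, low-entropy functions of the key and that shape observable ciphertext structure leak the key.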

We will continue with Massimiliano's approach:

Thank you for giving so much information about the stegonated androm.bmp!!!

I just asked myself: would it have been possible to decode the file without knowing so much about it? (length=578, type=text file, content=urls).

The answer is in a small utility I wrote in a few spare hours. Although not yet perfect, it can be useful to show that contraband is a fairly breakable tool (even if the attack I prepared is far from perfect).

It could also be possible to search the entire keyspace, but this is unnecessary. I'm giving this tool to your advanced readers just to keep people from using contraband, since it is indeed flawed.

Keep publishing your site, I love it, and I greatly appreciate (and enjoy) your work. Happy new year.



Download here Massimiliano's anti-contraband program



red (c) Fravia, 1995, 1996, 1997, 1998. All rights reserved