Maintaining Access

Dr Joe Francom

Activity 1

  • What are rootkits?

Activity 2

Activity 3 - Alternate Data Streams

See if you can hide data on your Windows machine.

Maybe this

or this

Activity 4 - Steganalysis & steganography

  • Steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message. It is a form of security through obscurity.
  • Steganalysis is the art and science of detecting messages hidden using steganography.

Steganalysis & steganography

How does it work? Remember that each pixel can be represented with a combination of 3 bytes (RGB). We can take a few of those bytes out and put our text in there with only marginal deterioration in image quality.
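The idea described above, as an added example that is not from the original slides and is not steghide's own algorithm: a simplified scheme that overwrites only the lowest bit of each RGB byte, plus a known-cover comparison that measures how little the image changes. The 2-byte length prefix, the function names and the constructed gradient cover are assumptions of this example.

```python
def _bits(data: bytes):
    """Yield the bits of data, most significant bit first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1

def embed(pixels: bytes, message: bytes) -> bytes:
    """Overwrite the lowest bit of successive RGB bytes with the payload bits."""
    if len(message) > 0xFFFF or (len(message) + 2) * 8 > len(pixels):
        raise ValueError("message does not fit in this cover image")
    # Assumed framing: 2-byte big-endian length, then the message itself.
    payload = len(message).to_bytes(2, "big") + message
    stego = bytearray(pixels)
    for i, bit in enumerate(_bits(payload)):
        stego[i] = (stego[i] & 0xFE) | bit
    return bytes(stego)

def _collect(pixels: bytes, start: int, nbytes: int) -> bytes:
    """Rebuild nbytes from the low bits of pixels[start : start + 8 * nbytes]."""
    value = 0
    for byte in pixels[start:start + 8 * nbytes]:
        value = (value << 1) | (byte & 1)
    return value.to_bytes(nbytes, "big")

def extract(pixels: bytes) -> bytes:
    """Read the length prefix, then that many message bytes."""
    length = int.from_bytes(_collect(pixels, 0, 2), "big")
    if 16 + 8 * length > len(pixels):
        raise ValueError("length prefix exceeds image size; no valid payload")
    return _collect(pixels, 16, length)

def compare(cover: bytes, stego: bytes) -> tuple:
    """Known-cover check: (bytes that differ, largest change to any byte)."""
    deltas = [abs(a - b) for a, b in zip(cover, stego)]
    return sum(1 for d in deltas if d), max(deltas, default=0)

# Constructed cover: 64 RGB pixels (192 bytes) of a smooth gradient.
COVER = bytes((3 * i + c * 40) % 256 for i in range(64) for c in range(3))
SECRET = b"meet at noon"  # constructed sample message

if __name__ == "__main__":
    stego = embed(COVER, SECRET)
    print(extract(stego), compare(COVER, stego))
```

No byte moves by more than 1 out of 255, which is why the change is invisible to the eye but obvious to anyone who can compare the file against the original image.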

    apt-get install steghide
  • Commands:

      steghide embed -cf picture.jpg -ef secret.txt
      steghide extract -sf picture.jpg
      steghide info received_file.wav
    

Steganalysis & steganography

Steganography is NOT the same as cryptography. Cryptography scrambles the message so that it cannot be viewed; stego hides the existence of data. Data can be hidden in file header fields or between sections of metadata. The carrier can be an image, sound, a movie...

See if you can find the hidden file in this image. The passphrase is cows.