Welcome to part two in a series about steganography, the art of hiding things in plain sight. We are practicing steganography because it can be a useful skill if you don't have access to encryption software, or need a quick solution to make sure the sender and recipient are the only ones who are able to read your message.
In this Null Byte, we are going to learn how to bind whole file archives to a text document. We will have a misleading text document and an archive hidden inside of it with a secret message. This is being done under the Windows platform, let's get started.
Step 1 Download & Install WinRar
First, we need to download compressed archiving software to use for our secret message. We will be using WinRar for this tutorial.
- Download WinRar from the official website.
- Go to your downloads folder and run the WinRar installer.
- Right-click the Desktop, and create a new text file named "secret".
- Put a secret message inside the secret.txt file.
Step 2 Create the Archive & Cover-Up Message
Now we need to craft a message capable of being passed off as a normal message. We also have to mke an archive with our secret message as its contents.
- Right-click the secret.txt file and click add to archive.
- Check the box that says zip.
- Add a password to the archive if you would like, then create it.
- Create another text file on the Desktop named "message".
- Open message.txt and write a believable message for the contents.
Step 3 Merge the Files
It's time to merge our files to hide our secret.rar file
- Click Start > Run/Search > "cmd" > Enter.
- Type: cd Desktop
- Then, type: copy /b message.txt + secret.zip message0.txt
- Send it!
Here's a video in case you need help following along:
You can also do this with picture files. Sending cryptic messages back and forth with friends and trying to solve them is can be a lot of fun!
Want to start making money as a white hat hacker? Jump-start your white-hat hacking career with our 2020 Premium Ethical Hacking Certification Training Bundle from the new Null Byte Shop and get over 60 hours of training from ethical hacking professionals.