stegify is a simple command line tool capable of fully transparent hiding any file within an image or set of images.
This technique is known as LSB (Least Significant Bit) steganography
| Carrier | Data | Result |
|---|---|---|
 |
 |
 |
The Result file contains the Data file hidden in it. And as you can see it is fully transparent.
If multiple Carrier files are provided, the Data file will be split in pieces and every piece is encoded in the respective carrier.
| Carrier1 | Carrier2 | Data | Result1 | Result2 |
|---|---|---|---|---|
|
|
 |
 |
 |
The Result1 file contains one half of the Data file hidden in it and Result2 the other. As always fully transparent.
go install github.com/DimitarPetrov/stegify@latest
brew tap DimitarPetrov/stegify
brew install stegify
Or you can download a binary for your system here.
stegify encode --carrier <file-name> --data <file-name> --result <file-name>
stegify decode --carrier <file-name> --result <file-name>
When encoding, the file with name given to flag --data is hidden inside the file with name given to flag
--carrier and the resulting file is saved in new file in the current working directory under the
name given to flag --result.
NOTE: The result file won't have any file extension and therefore it should be specified explicitly in
--resultflag.
When decoding, given a file name of a carrier file with previously encoded data in it, the data is extracted
and saved in new file in the current working directory under the name given to flag --result.
NOTE: The result file won't have any file extension and therefore it should be specified explicitly in
--resultflag.
In both cases the flag --result could be omitted and default values will be used.
stegify encode --carriers "<file-names...>" --data <file-name> --results "<file-names...>"
OR
stegify encode --carrier <file-name> --carrier <file-name> ... --data <file-name> --result <file-name> --result <file-name> ...
stegify decode --carriers "<file-names...>" --result <file-name>
OR
stegify decode --carrier <file-name> --carrier <file-name> ... --result <file-name>
When encoding a data file in more than one carriers, the data file is split in N chunks, where N is number of provided carriers. Each of the chunks is then encoded in the respective carrier.
NOTE: When decoding, carriers should be provided in the exact same order for result to be properly extracted.
This kind of encoding provides one more layer of security and more flexibility regarding size limitations.
In both cases the flag --result/--results could be omitted and default values will be used.
NOTE: When encoding the number of the result files (if provided) should be equal to the number of carrier files. When decoding, exactly one result is expected.
When multiple carriers are provided with mixed kinds of flags, the names provided through carrier flag are taken first and with carriers/c flags second.
Same goes for the result/results flag.
stegify can be used programmatically too and it provides easy to use functions working with file names
or raw Readers and Writers. You can visit godoc under
steg package for details.
If carrier file is in jpeg or jpg format, after encoding the result file image will be png encoded (therefore it may be bigger in size) despite of file extension specified in the result flag.
stegify was used for one of the Capture The Flag challenges in Codefestโ19.
Participants were given a photo of a bunch of "innocent" cats. Nothing suspicious right? Think again!