Skip to main content

How to Hide Secret Documents, Videos & Audio Messages inside JPG Images

secret fileA USA Today story says that al-Qaeda were sending out encrypted messages by hiding them inside digital photographs [jpg files] and video files.

Turn out that it is actually very easy to hide (or embed) other file inside a JPEG image. You can place video clips, pdf, mp3, Office documents, zipped files, webpage or any other file format inside a JPEG image.

And when a suspecting user [read CIA, FBI] tries to open that jpeg file [with concealed information] in either a photo editing software or as a thumbnail inside Windows Explorer, it would be tough to make out if this camouflaged jpg file is different from any standard jpg image.

Let's say you want to hide a confidential PDF document from the tax investigation officers. What you can do is convert that file into a regular jpg image so even if anyone double-clicks this file, all he will see is a preview of the image and nothing else. And when you want to work on the actual PDF, just rename the extension from jpg to pdf.

Here's the full trick:

Step 1: You will need two files - the file you want to hide and one jpg image - it can be of any size or dimensions. [If you want to hide multiple files in one jpeg image, just zip them into one file]

Step 2: Copy the above two files to the C: folder and open the command prompt window.

Step 3: Move to the c: root by typing cd \ [if the files are in another folder, you'll have to change the prompt to that folder]

Step 4: The most important step - type the following command:

copy /b myimage.jpg + filetohide.pdf my_new_image.jpg

To recover the original PDF file, just rename my_new_image.jpg to filename.pdf.

Here we illustrated with an pdf file as that works with simple renaming. If you want to apply this technique to other file formats like XLS, DOC, PPT, AVI, WMV, WAV, SWF, etc, you may have to first compress them in RAR format before executing the copy /b DOS command.

To restore the original file, rename the .jpg file to .rar and extract it using 7-zip or Winrar.

That's it - No advanced Steganography tricks involved here. Just remember to write the correct syntax of the copy command:

copy /b sourceimage.jpg + filetohide.ext targetimage.jpg

Popular posts from this blog

How to Download Contacts from Facebook To Outlook Address Book

Facebook users are not too pleased with the "walled garden" approach of Facebook. The reason is simple - while you can easily import your Outlook address book and GMail contacts into Facebook, the reverse path is closed. There's no "official" way to export your Facebook friends email addresses or contact phone numbers out as a CSV file so that you can sync the contacts data with Outlook, GMail or your BlackBerry. Some third-party Facebook hacks like "Facebook Sync" (for Mac) and "Facebook Downloader" (for Windows) did allow you to download your Facebook friends' names, emails, mobile phone number and profile photo to the desktop but they were quickly removed for violation of Facebook Terms of Use. How to Download Contacts from Facebook There are still some options to take Friends data outside the walls of Facebook wall. Facebook offers the Takeout option allowing you to download all Facebook data locally to the disk (include
Read more

Digital Inspiration

Digital Inspiration is a popular tech blog by  Amit Agarwal . Our popular Google Scripts include  Gmail Mail Merge  (send personalized emails with Gmail ),  Document Studio (generate PDFs from Google Forms ) and   File Upload Forms ( receive files  in Google Drive). Also see  Reverse Image Mobile Search , Online Speech Recognition and Website Screenshots , the most useful websites on the Internet.
Read more

PhishTank Detects Phishing Websites by Digg Style Voting

OpenDNS, a free service that helps anyone surf the Internet faster with a simple DNS tweak , will announce PhishTank today. PhishTank is a free public database of phishing URLs where anyone can submit their phishes via email or through the website. The submissions are verified by the other community members who then vote for the suspected site. This is such a neat idea as sites can be categorized just based on user feedback without even having to manually verify each and every submission. PhishTank employs the "feedback loop" mechanism where users will be kept updated with the status' of the phish they submit either via email alerts or a personal RSS feed . Naturally, once the PhishTank databases grows, other sites can harness the data using open APIs which will remain free. OpenDNS would also use this data to improve their existing phishing detection algorithms which are already very impressive and efficient. PhishTank | PhishTank Blog [Thanks Allison] Related: Google
Read more