Wednesday, 26 October 2011

Lists of Various Steganographic Tools

Steganography is the art and science of hiding information such that only the sender and recipient can read that hidden piece of information. While the cryptography is focussed on making message unreadable, steganography focusses on data hiding and hence combination of both can give better security in most cases.

As mentioned earlier, steganography is the art of hiding information and can be done in many ways. For instance, simplest forms of steganography would be toinsert each character of hidden message in the Nth position of each word in a sentence so that recipient takes Nth letters of each words to reconstruct the message. While this was very basic example, steganography has no bounds and one can hide messages within images, audios, videos, source codes, etc and this involves some sort of creation to increase the obscurity of the hidden message. Wikipedia entry gives far much deeper information on steganography tool and I would like to recommend you to read it.

To make digital steganography easier, numerous tools have been developed and I'm listing some of them here.

1) Hide in Picture: Hide In Picture is a program that allows you to conceal files inside bitmap pictures, using a password. The pictures look like normal images, so people will not suspect there is hidden data in them.

2) wbStego: wbStego4 offers steganography in bitmaps, text files, HTML files and PDF files. It is has two very user-friendly interfaces and is ideal for securely transmitting data online or adding copyright information, especially with the copyright information manager.

3) Hide4PGP: Hide4PGP is a freeware program distributed as source code in ANSI C and precompiled executables for DOS (any version but 1.x), OS/2 (Warp and up), and the Win32 console (9x and NT). It's purpose is to hide any data in a way that the viewer or listener does not recognize any difference. It supports BMP, WAV and VOC file formats.

4) MP3Stego: Hide files within mp3 files. MP3Stego will hide information in MP3 files during the compression process. The data is first compressed, encrypted and then hidden in the MP3 bit stream.

5) TextHide: Simple text steganography

6) GifShuffle: gifshuffle is used to conceal messages in GIF images by shuffling the colourmap, which leaves the image visibly unchanged. gifshuffle works with all GIF images, including those with transparency and animation, and in addition provides compression and encryption of the concealed message.

7) Snow: snow is used to conceal messages in ASCII text by appending whitespace to the end of lines. Because spaces and tabs are generally not visible in text viewers, the message is effectively hidden from casual observers. And if the built-in encryption is used, the message cannot be read even if it is detected.

8) Camouflage: Camouflage allows you to hide files by scrambling them and then attaching them to the file of your choice. This camouflaged file then looks and behaves like a normal file, and can be stored, used or emailed without attracting attention.

9) OpenPuff: OpenPuff is a professional steganography tool, with unique features you won't find among any other free or commercial software. OpenPuff is 100% free and suitable for highly sensitive data covert transmission. Its very advanced tool with support to images, audios, videos, flash, adobe.

10) SteganRTP: Steganography tool which establishes a full-duplex steganographic data transfer protocol utilizing Real-time Transfer Protocol (RTP) packet payloads as the cover medium. The tool provides interactive chat, file transfer, and remote shell access. A network steganographic tool.


Read more...

Useful and Basic Commands and Shortcuts For Ubuntu Beginners

One of my friends asked me to list useful commands and shortcuts for him to use in his ubuntu distro. I listed some pretty useful ones and am also sharing them over here.

Basic Commands

Alt + F1: Opens application menu.
Alt + F2: Opens run command(something similar to run command in windows)
Ctrl +Alt + FN: Switch to TTYN terminals
Ctrl +Alt + F7: Switch to X Display
mkdir <dir_name>: Create a directory
cd $HOME: Set the current path as your home directory
cd /: Set the current path as root filesystem

Privileged commands: Note that most of these commands require you to have sudoers privilege which is specified in /etc/sudoers file.

sudo su: Run the shell as root user.
sudo su user: Run the shell as the user specified
sudo command: Run the specified command with root privilege
gksudo command: Run the specified command as graphical root mode.(used for graphical programs)
passwd: Change your password

Basic Network Commands

ifconfig: Displays information about network. Also, ifconfig interface would give information about the specified interface.
iwconfig: Displays information about wireless network
ping host_or_IP: Pings to check if the specified host or IP is online or not. Also useful for knowing if you are connected to some other network eg. internet.
host ip_addr: Displays hostname for specified IP address by querying nameservers specified in /etc/resolv.conf
ifup interface: Bring the specified network up.
ifdown interface: Bring the specified network down.
ssh user@hostname -p PORTNO: Establish SSh connection to specified host and port number and login as specified user.

Commands For Package Management: These commands require root privilege so either escalate privilege to root by sudo su command or precede each commands with sudo.

apt-get install package1 package2 .. packageN: Download and install the package(s) specified.
apt-get install -d package: Just download the packages(no installation)
apt-get update: Update packages information.
apt-get dist-upgrade: Perform distro version upgrade.
do-release-upgrade: Perform distro version upgrade.
apt-get remove package: Remove the specified package(s).
apt-get -f install: Fix packages problem.
dpkg --configure -a: Fix broken packages.

Other/Misc. Commands

id: Displays user and group IDs for current user.
uname -a: Displays all kernel information
gedit: Open text editor
nautilus: Open nautilus file manager
gksudo nautilus: Open root nautilus file manager
lsb_release -a: Get information about installed ubuntu version

These are some of the commands that has come in my mind as of now. I might update this list when some other commands come into my mind. By the way, TAB is very useful in terminal as it allows auto-completion and suggestion of commands and files in ubuntu. What this means is if you type do- and then press TAB, it will auto complete the command to do-release-upgrade thus saving some important time. Also be sure to share the useful commands in the comment section below.


Read more...

Mass Youtube Videos Download Using BYTubeD under Firefox

Before going for vacation, I wanted to download some youtube videos and I wanted to download them in bulk but I had no idea. Tried searching firefox addons site and found an addon known as BYTubeD that allows me to perform bulk downloads from youtube.

BYTubeD is a Bulk YouTube video Downloader. It can be used to download all/selected YouTube videos on any page which has some links to YouTube videos, by clicking the BYTubeD menu item in the Tools menu or in the context menu (i.e. right click menu).

Get BYTubeD in Firefox.


Read more...

Bleeding Life 2 Released By Blackhat Academy

Bleeding Life 2 is a browser exploit pack that affects the web browsers on the Microsoft Windows operating system with remote code execution and buffer overflows. The tool can be used to launch client side browser exploits to the vulnerable users.

The wiki page of Bleeding Life enlists the exploits and features of this tool.

For download, click HERE.


Read more...

Extract and Download Multiple Attachments At Once

I was searching for a way to extract and download multiple attachments at once and came across a thunderbird plugin that allows you to do this.

Just select the messages containing the attachments you want to extract and select 'Extract Attachments' and this extension does the rest. No more having to go through each message to extract the attachments!
Check out the settings dialog for the different options.

For downloads and further information, check addon's page.


Read more...

SSL DOS Tool From The Hacker's Choice

On october 24, the german hackers group The Hacker's Choice released a new Denial of Service(DOS) tool that exploits the weakness in the SSL implementation to take the servers down.
THC-SSL-DOS is a tool to verify the performance of SSL.
The Hacker's Choice says:

Establishing a secure SSL connection requires 15x more processing
power on the server than on the client.

THC-SSL-DOS exploits this asymmetric property by overloading the
server and knocking it off the Internet.

This problem affects all SSL implementations today.


For more information and downloads, visit THC SSL DOS Page.



Read more...

Tuesday, 25 October 2011

Stay connected to social networks with Yoono

Yoono is an easy to use application that brings all major social networking sites under a single application. The best thing about Yoono is that it is available for all major platforms and operating systems.

It is available as Desktop app for windows, linux and MAC and also the portable version of the application is available. Moreover, it is available as Browser addon for Firefox and Google Chrome. And both the paid and free(with ads) versions of this app are available for iPhones. So the users can choose any version of Yoono according to their convinience and preferences.


Some of the features of Yoono are:

- Stay connected with major social networking sites Twitter, Facebook, Foursquare, LinkedIn, YouTube, Flickr, GoogleBuzz, Yammer, Friendfeed, MySpace and more...all in one place.

- Update your status and share links, images and video from the page you're viewing across all your networks simultaneously.

- Easily sync the status and update your status across all the sites at once.

The software is available for downloads at yoono.com.

Firefox users can download the addon from HERE as well.

Google chrome users can download the addon from HERE as well.


Read more...

Sunday, 16 October 2011

Demo Of Ubuntu 11.10 Runs On Browsers Supporting HTML5

Rather than posting photos and video stuffs, this time ubuntu has made a very interactive demo of newly released ubuntu 11.10. You can use the online tour just like a real ubuntu OS installed in your PC. This online tour feature is pretty impressive and helps people understand how the look, feel and functionality of ubuntu 11.10 is.


Visit the online tour.


Read more...