Thread replies: 16
Thread images: 2
Thread images: 2
Anonymous
How do I figure out what's imbedded in a file? 2017-04-05 10:45:32 Post No. 59749498
[Report] Image search: [Google]
How do I figure out what's imbedded in a file? 2017-04-05 10:45:32 Post No. 59749498
[Report] Image search: [Google]
How do I figure out what's imbedded in a file?
Anonymous
2017-04-05 10:45:32
Post No. 59749498
[Report]
I have a version of this image with something embedded in it. How do I get it out or whatever?
>>
>>59749498
If it's a simple lsb scheme,xor the stego image with the empty image to find the altered bytes,take the lsb's from the altered bytes and start analyzing.
If it's a more complex scheme,like the one used by openpuff,you're fucked.
>>
I fucking love that movie, do you remember what program you used to write the information in the first place?
>>
>>59749823
It's that swedish vampire movie where the die at pool or smth right? I think I saw it when a swedistan pleb can to get some freedom. Wasn't bad.
>>
File: Let-the-Right-One-In-let-the-right-one-in-31845521-160-160.gif (984KB, 160x160px) Image search:
[Google]
984KB, 160x160px
>>59749559
sorry I don't know these technical terms, what am I supposed to do?
>>59749823
idk how it has something embedded
>>
ok
>>
>>59749498
Open it with winrar
>>
>>59751676
If the info is hidden in the least significant bit, just xor the original image and the image with the hidden message and analyze the result. If it is more complicated than that then you are fucked
>>
>>59749498
If you have one with it and one without just get the difference between the two using rsync
>>
>>59749498
three choices:
1. its just a file copied in windows to be an image and probably a zip with the same name. try renaming the image.jpg or whatever to image.zip or other possible file extension types.
2. He used a standard steganography or image hiding tool. google those keywords and try everything you find (keep an original of the image, always try on new copies)
3. He used something custom. you're fucked
>>
>>59749498
Post it?
>>
>>59757869
I can try
>>59758152
like this? http://i.imgur.com/un3Lhdm.gif
>>
>>59749498$ file 3495.gif
3495.gif: GIF image data, version 89a, 245 x 160
$
I dunno.
>>
use foremost on it
>>
>>59749498
If it was embedded with Veracrypt you'll need the password(s). The same if it was embedded with that program Eliot Alderson used in Mr. Robot to hide his hacks as music files.
>>
>>59749498
If you use Windows photo viewer or something like that to crop the image Windows saves the data inside of the picture. Just open the pic in paint or something similar and export it under a different name
Thread posts: 16
Thread images: 2
Thread images: 2