GIF+ZIP = cheap steganography

Random questions or observations about and around computers
Post Reply
User avatar
Vincent
Posts: 3077
Joined: Fri Apr 07, 2006 12:10 pm
Location: Schtroumpf
Contact:
Contact Vincent

GIF+ZIP = cheap steganography

Post by Vincent » Sun Oct 05, 2008 4:36 pm

l stumbled upon a very nice bit of computer magic on this page.
Robert de Bath wrote:There are two tiny facts about GIF files and ZIP files you might like to know about: GIF files have their length defined at the start of the file; any bytes after are ignored. ZIP files have a table at the end; anything at the start of the file is ignored. The result is that a file can be both a GIF and a ZIP, just change the extension.
It is very easy to use that observation to create GIF files with hidden data: for instance the following innocent-looking image
stega.gif
stega.gif (48.32 KiB) Viewed 13462 times
contains my timetable for next week in PDF format. Just rename it as a zip file and extract everything; you may see an error message, but you will get the file nonetheless.

The nice thing about this method is that it is trivial on any *nix system: to create a file Z.gif, looking like the image X.gif, hiding Y.zip, just type cat X.gif Y.zip > Z.gif

There are probably many other pairs of fileformats sharing this property on which the method could be applied.

(nice page about formats)
{ Vincent Hugot }
Top
Post Reply

Return to “Miscellaneous”

Who is online

Users browsing this forum: No registered users and 65 guests