Search This Blog

Monday, April 15, 2013

How to Hide Data in Image, Audio and Video Files:Steganography


Ever wondered to know how to hide secret data in image, audio and video files? Well, in this post I will take you through a concept called steganography using which, it is possible to hide your secret information in image files, songs or any other file of your choice. At the end of this post, you can also download free stegnographic tools and start hiding your data.

What is Steganography?

Steganography is a means of obscuring data where secret messages are hidden inside computer files such as images, sound files, videos and even executable files so that, no one except the sender and the receiver will suspect the existence of stealth information in it. Steganography may also involve the usage of cryptography where the message is first encrypted before it is concealed in another file. Generally, the messages appear to be something else such as an image, sound or video so that the transfer of secret data remains unsuspected.
The main advantage of steganography over other methods such as cryptography is that, it will not arose suspicion even if the files fall in the hands of a third party. Unlike cryptographic messages, stegnographic messages will no way attract the attention of a third party by themselves. Thus stegnanography has an upper hand over cryptography as it involves both encryption and obscurity.

What are the Applications of Steganography?

Steganography is mainly used to obscure confidential information/data during storage or transmission. For example, one can hide a secret message in an audio file and send this to another party via email instead of sending the message in the textual format. The receiver on the other end will decrypt the hidden message using the private decryption key. In a worst case scenario, even if a third party does manage to gain access to the email, all he can find is the audio file and not the hidden data inside it. Other usage of steganography include digital watermarking of images for reasons such as copyright protection.
Even though steganography has many useful applications, some may use this technique for illegitimate purposes such as hiding a pornographic content in other large files. Rumors about terrorists using steganography for hiding and communicating their secret information and instructions are also reported. An article claiming that, al-Queda had used steganography to encode messages in images and transported them via e-mails, was reported by New York Times, in October 2001.

How do Steganography Tools Work?

Stegnography tools implement intelligent algorithms to carefully embed the encrypted text messages or data inside other larger files such as an image, audio, video or an executable file. Some tools will embed the encrypted data at the end of another file so that there will be enough room for storing larger data.
There are many steganography tools available online but only a few are able to work flawlessly. I did not find any tool that worked perfectly on both small and large data. However, I have  managed to develop my own tool that can work perfectly on all types of files and all size of data. The tool is called “Stego Magic“. You can download it from the following link.
Download StegoMagic.zip
The zip file contains two versions of Stego Magic: One for encrypting the text messages and the other for encrypting binary files. StegoMagic_TXT can be used to hide text messages in other files such as an image or a sound file. StegoMagic_BIN can be used to hide one binary file in another such as an executable file inside an image or an image inside a video file.
With Stego Magic, there is no limitation on the size and type of the file that you are intending to hide. For example, you can hide a video of size 1 GB in an image of size 1 MB or hide an executable file inside a WORD document. The tool is pretty straightforward to use and requires no special understanding of the concept.
At the end of the encryption process, a secret decryption key will be generated and the same is required during the decryption process.

How to Use Stego Magic?

Suppose you want to hide a text message inside a JPG file:
  1. Place the JPG and the text file (.txt) in the same folder as that of StegoMagic_TXT.exe
  2. Run StegoMagic_TXT.exe and follow the screen instructions to embed the text message inside the JPG image.
    Please note that if you’re using Windows 7/Vista, right-click the file and select “Run as Administrator”. Otherwise the tool may fail to work properly.
  3. Note down the secret decryption key.
Now you can send this image to your friend via email. To decrypt the hidden message, your friend should load this JPG file onto the Stego Magic tool and use the secret decryption key.
I hope you’ve now understood what is steganography and how to use it to hide your secret data. For queries and feedback, please pass your comments.

Add To Google BookmarksStumble ThisFav This With TechnoratiAdd To Del.icio.usDigg ThisAdd To RedditTwit ThisAdd To FacebookAdd To Yahoo

Hacking Ka Baap Google.....


Hello Friends here i am again with my new tutorial for u. and these days i was busy with my work so i thought to Give u a Bonus tutorial with u might like and have Fun. So lets Move on.......
Google serves almost 80 percent of all the search queries on the Internet, proving itself as the most popular search engine. However, Google makes it possible to reach not only the publicly available information resources, but also gives access to some of the most confidential information that should never have been revealed.
In this post, you will find the information on how to use Google for exploiting security vulnerabilities that exists within many websites. The following are some of the ways to use Google for hacking:

1. Using Google to Hack Security Cameras:

There exists many security cameras that are used for monitoring places like parking lots, college campus, road traffic etc. With Google, it is possible to hack these cameras so that you can view the images captured by them in real time. For this, all you have to do is just use the following search query in Google. Type in the Google search box exactly as given below and hit enter:
inurl:”viewerframe?mode=motion”
Click on any of the search results (Top 5 recommended) and you will gain access to the live camera which has full controls. You will see something as follows:
Hacking Live Camera
As you can see in the above screenshot, you now have access to the Live cameras which work in real-time. You can also move the cameras in all the four directions, perform actions such as zoom in and zoom out. This camera has really a less refresh rate. But there are other search queries through which you can gain access to other cameras which have faster refresh rates. In order to access them, just use the following search query:
intitle:”Live View / – AXIS”
Now, click on any of the search results to access a different set of live cameras. Thus, you have hacked Security Cameras using Google.

2. Using Google to Hack Personal and Confidential Documents:

Using Google, it is possible to gain access to an email repository containing CV of hundreds of people which were created when applying for their jobs. The documents containing their Address, Phone, DOB, Education, Work experience etc. can be found just in seconds.
intitle:”curriculum vitae” “phone * * *” “address *” “e-mail”
You can gain access to a list of .xls files (excel documents) which contains contact details including email addresses of large group of people. To do so, type the following search query and hit enter:
filetype:xls inurl:”email.xls”
Also, it is possible to gain access to the documents potentially containing information on bank accounts, financial summaries and credit card numbers using the following search query:
intitle:index.of finances.xls

3. Hacking Google to Gain Access to Free Stuffs:

Ever wondered how to hack Google for free music or eBooks. Well, here is a way to do that. To download free music, just enter the following query on Google search box and hit enter.
“?intitle:index.of?mp3 eminem
Now, you’ll gain access to the whole index of Eminem album where in you can download the songs of your choice. Instead of eminem you can substitute the name of your favorite album. To search for the eBooks all you have to do is replace “eminem” with your favorite book name. Also replace “mp3″ with “pdf” or “zip” or “rar”.
I hope you enjoy using Google for hacking stuffs on the Internet. If you’ve liked this post, please pass your comments. Cheers!

Add To Google BookmarksStumble ThisFav This With TechnoratiAdd To Del.icio.usDigg ThisAdd To RedditTwit ThisAdd To FacebookAdd To Yahoo

What is Doxing and How it is Done?


What is Doxing?
Doxing simply refers to the process of gathering or deducing other people’s information such as name, age, email, address, telephone number, photographs etc. using publicly available sources such as the Internet. In other words, doxing is the act of using the Internet to search for personal details about a person.
Doxing is done by initially taking a piece of information (such as “name” or “email address”) and keeping it as a base to find out other possible details about the person. The term “doxing” is derived from the word “document tracing” which means to retrieve documents about a particular person or company in order to learn more about them.

Doxing Techniques:

Today, Internet has grown to such a size that it contains almost any information that you’ve ever imagined! All you’ve to do is use the right techniques to search for what you want. Here is a list of doxing techniques that are most commonly used by Internet geeks and ethical hackers:

Using Google:

Google is undoubtedly a powerful tool that plays a key role in doxing. Since Google indexes almost anything on the Internet (sometimes even the private information), it is possible to dox for details such as email ID, address, phone numbers and photographs of a person or company. Once you obtain the search results for your query, carefully examine the description part which in most cases contain the piece of information that you are looking for.

Social Networking Websites:

As most Internet users are found to be active on social media, social networking sites such as Facebook and LinkedIn provide a virtual goldmine of information necessary to perform doxing. As most users are unaware of online security issues, they have weak privacy settings on their profile. This makes it easy for the attackers to gain access to personal information such as photographs, real names, location, job, partner’s name etc.

Reverse Cell Phone LookUp:

A “Reverse Cell Phone Lookup” is simply a process of finding someone’s personal details such as name, age, address and related information by using their cell phone number and vice versa. There are many online services out there such as cell phone registry that provide access to the personal details about a given person based on his/her phone, name and email ID.

Whois Searches:

If a person or company has a website (or domain name) associated with them, you can easily perform a “whois search” for their website to obtain personal details such as full name, address, email and phone number. Just visit whois.domaintools.com and enter the domain name for which you want to perform a whois search. It will show up all the details associated with the domain name.

Why Would Anyone Want to Perform Doxing?

Most people perform doxing out of general curiosity about a person or company. However, there are some wicked minds out there who do this for the purpose of blackmailing or taking revenge by exposing the information that they have gathered about the person.

What are the Consequences of Doxing?

It can be slightly irritating and embarrassing when private data fall in the hands of people who are not intended to have access to such information. However, things can go even worse if the doxed information such as a person’s social activities, medical history, sexual preference and other vital bits of information is made public. This can have a serious threat to health, livelihood or relationship of the victim.

Steps to Protect Yourself from Doxing:

The following are some of the most commonly targeted pieces of information that can be easily obtained through doxing:
  • Full name
  • Age, gender and date of birth
  • Location and place of birth
  • Email addresses and username
  • Phone number
  • Social networking profiles, websites and blogs
So, it is always a good practice to keep the above bits of information hidden. Even though it is not possible to do this in all cases, you can still take care to protect as much information as you can from going public. You can consider the following additional tips for further protection:
  1. Do not upload personal photographs on web albums such as “Picasa”. Even if you do, make sure that your album is hidden from public and search engines.
  2. If you do not intend to show up your profile on search engines, it is a wise choice to make all the Internet profiles private.
  3. Maximize the privacy settings of your social network profiles. Make sure that your individual albums and photographs have their privacy settings configured.
  4. Do not use the same email address for all you accounts. Instead, create separate email IDs for individual activities such as gaming, forum participation, banking accounts etc.

Is Doxing a Crime?

Doxing is definitely not a crime when used within the ethical standards and no harm is being caused to anyone. However, if doxing is done to cause intentional damage such as harassment, blackmailing or taking revenge it might well be considered an offence.

Add To Google BookmarksStumble ThisFav This With TechnoratiAdd To Del.icio.usDigg ThisAdd To RedditTwit ThisAdd To FacebookAdd To Yahoo