Skip site navigation (1)Skip section navigation (2)

FreeBSD Man Pages

Man Page or Keyword Search:
Man Architecture
Apropos Keyword Search (all sections) Output format
home | help
steghide(1)							   steghide(1)

NAME
       steghide	- a steganography program

SYNOPSIS
       steghide	command	[ arguments ]

DESCRIPTION
       Steghide	 is a steganography program which embeds a secret message in a
       cover file by replacing some of the least significant bits of the cover
       file with bits of the secret message. After that, the secret message is
       imperceptible and can only be extracted with  the  correct  passphrase.
       The  result of the embedding process (an	innocuous looking file with an
       embedded	message) is called stego file.

       The jpeg, bmp, wav and au file formats are supported by	steghide.  You
       can  use	 a file	of any of these	formats	as cover/stego file. There are
       no restrictions on the format of	the plain file.

       The plain data is encrypted before embedding. The encryption  algorithm
       blowfish	 is used together with the hash	algorithm MD5 (to create a key
       for blowfish from the passphrase).

       Together	with the plain data the	name of	the original plain file	and  a
       crc32  checksum	of  the	 plain file is embedded	in the stego file. The
       crc32 checksum is used to verify	the integrity of the embedded  message
       during extraction.

COMMANDS
       In  this	 section the commands for steghide are listed. The first argu-
       ment must always	be one of these	commands. You can  supply  some	 argu-
       ments  to the embed and extract commands. For a detailed	description of
       these arguments see section ARGUMENTS.

       embed, --embed
	      The embed	command	embeds the  plain  file	 in  the  cover	 file,
	      resulting	 in  the  stego	file. This command needs the following
	      arguments: the name of the cover file (-cf),  the	 name  of  the
	      plain file (-pf),	a name for the stego file that will be created
	      (-sf).

       extract,	--extract
	      The extract command extracts the plain data from a  stego	 file.
	      This  command  needs  the	 following  arguments: the name	of the
	      stego file (-sf),	the name of the	plain file that	will  be  cre-
	      ated (-pf).

       version,	--version
	      Displays a short version information. No arguments required.

       license,	--license
	      Displays steghide's license. No arguments	required.

       help, --help
	      Displays a help screen. No arguments required.

ARGUMENTS
       -pf, --plainfile
	      This  argument  can  be used with	the embed and the extract com-
	      mand. When used with the embed command it	defines	the file  that
	      contains the secret message.

	      When this	argument is used with the extract command, a file with
	      the name passed with this	command	will be	created	and the	 plain
	      data  that is embedded in	the stego file will be written to this
	      file.

	      Note that	steghide embeds	the original file name	of  the	 plain
	      file  in	the  stego  file.  If  you  omit the -pf argument when
	      extracting data, the embedded plain file will be	saved  to  the
	      current directory	under its original name.

	      If  you use the argument -pf - standard input or standard	output
	      will be used instead of a	file. You can use this	notation  with
	      the -cf and -sf arguments	too.

       -cf, --coverfile
	      Defines  the  file  that	is to be used as cover file, e.g.  -cf
	      mycover.bmp tells	steghide to use	the file mycover.bmp as	 cover
	      file.

	      This argument can	only be	used with the embed command.

       -sf, --stegofile
	      Defines  the  file  that	will  be used as stego file. When this
	      argument is used with the	embed command, a  file	of  that  name
	      will  be	created.  When	used with the extract command the file
	      must already exist and contain an	embedded message.

	      The file format of the  cover  file  (and	 the  stego  file)  is
	      detected	automatically  based on	header information (the	exten-
	      sion is not relevant). The current version of steghide  supports
	      BMP, WAV and AU files.

       -p, --passphrase
	      Use   the	  string  that	is  following  this  argument  as  the
	      passphrase. If your passphrase is	more that one  word  long  you
	      have to enclose it in quotes, e.g.  -p "a	very long passphrase".

	      If the passphrase	is not given with the -p argument, a prompt to
	      enter the	passphrase will	be displayed.

       -d, --distribution
	      This  argument  defines the method that is used to calculate the
	      postions of the hidden bits in the  cover/stego  file.  You  can
	      choose  among  two different methods: a constant interval	length
	      between two hidden bits (this method is called  "cnsti")	and  a
	      pseudo-random  interval  length  between	two  hidden bits (this
	      method is	called "prndi").

	      This argument can	only be	used with the embed command.

	      To use the cnsti method  you  have  to  pass  the	 following  to
	      steghide:	-d cnsti <n> where <n> is the interval length you wish
	      to use, i.e. the number of bytes (in the cover file) between two
	      bytes that each contain a	hidden bit.

	      Supplying	 the  following	 argument makes	steghide use the prndi
	      method: -d prndi <n> where <n> is	the maximum  interval  length.
	      The  average  interval  length  (using the prndi method) will be
	      approximately the	half of	the maximum interval length.

	      Usually you will not need	to use the -d argument as it  defaults
	      to  prndi	 with the maximum interval length that is possible for
	      the specified plain file and cover file. This is the  best  set-
	      ting.

	      If  you use -d cnsti (i.e. you omit the <n> argument), the maxi-
	      mum interval length for the cnsti	method will be used. Using  -d
	      prndi is equal to	the default.

	      Note  that the cnsti method is less secure so you	should not use
	      it.

       -k, --checksum
	      Embed a crc32 checksum of	the plain file in the stego file. This
	      is the default.

       -K, --nochecksum
	      Do  not  embed  a	 crc32 checksum. You can use this if the plain
	      data already contains some type of checksum or  if  you  do  not
	      want  to embed those extra 32 bits needed	for the	crc32 checksum
	      for whatever reason.

	      The -k and -K arguments can only be used with the	embed command.

       -n, --embedplainname
	      Embed  the  name of the original plain file with the plain data.
	      This is the default. The embedded	plain file name	is used	by the
	      extract command to save the plain	data.

       -N, --notembedplainname
	      Do not embed the name of the original plain file.

	      The -n and -N arguments can only be used with the	embed command.

       -c, --compatibility
	      This switch makes	steghide use  the  blowfish-compat  encryption
	      module  (from libmcrypt) thus providing compatibility with libm-
	      crypt versions < 2.4.9.

	      Use this switch if you have a libmcrypt  version	>=  2.4.9  and
	      want  to	send  an embedded message to a person that has a libm-
	      crypt version < 2.4.9. Also use this switch if you have a	 libm-
	      crypt  version >=	2.4.9 and want to read a message that has been
	      embedded by a person with	a libmcrypt version < 2.4.9.

       -v, --verbose
	      Display detailed information about the status of	the  embedding
	      or extracting process.

       -q, --quiet
	      Supress information messages.

       -f, --force
	      Always overwrite existing	files.

       -e, --encryption
	      Encrypt  the  plain  data	 before	embedding. This	is the default
	      anyway, so you will not need this	argument. You can  use	it  to
	      specify explicitly that encryption should	be used.

       -E, --noencryption
	      Do not encrypt the plain data before embedding. Note that	embed-
	      ding unecrypted data is not recommended because it less  secure.

	      The -e and -E arguments can only be used with the	embed command.

       -h, --sthdrencryption
	      Encrypt the stego	header before embedding. The stego  header  is
	      some  administrative  information	 that  is also embedded	in the
	      stego file, for example the length of the	plain data.

	      Encrypting the stego header is the default, so there is no  need
	      to use this argument.

       -H, --nosthdrencryption
	      Do  not  encrypt the stego header	before embedding. This is also
	      not recommended.

	      Important	Note: If the sender of a stego file has	not  encrypted
	      the  stego  header  (i.e.	 has  used  the	 -H argument) then the
	      receiver of the message must also	use the	-H argument  with  the
	      extract  command.	 Otherwise steghide will assume	that the stego
	      header is	encrypted and will fail.

EXAMPLES
       To embed	the file secret.txt in the jpeg	 file  cvr.jpg	and  save  the
       resulting stego file as stg.jpg type:

	 $ steghide embed -pf secret.txt -cf cvr.jpg -sf stg.jpg
	 Enter passhrase:
	 Re-Enter passphrase:

       To extract this data again type:

	 $ steghide extract -sf	stg.jpg
	 Enter passphrase:
	 writing plain file to "secret.txt".

       When  embedding	data,  the name	of the original	plain file is embedded
       too: The	extract	command	above will create a  file  secret.txt  in  the
       current directory and write the embedded	data to	secret.txt.

       You  can	 override  the	embedded  plain	file name if you specify a -pf
       argument	when extracting. The following command will put	 the  embedded
       data into the file plain.txt:

	 $ steghide extract -sf	stg.jpg	-pf plain.txt
	 Enter passphrase:
	 writing plain file to "plain.txt".

       If  you	are  using  a system that supports pipes you can pass data via
       standard	input to steghide. In the following example data is compressed
       before it is (encrypted and) embedded:

	 $  gzip  -c pln.txt | steghide	embed -cf cvr.bmp -sf stg.bmp -pf - -p
       "This is	a passphrase."

       To extract (and view) the data from this	file again, you	could do some-
       thing like this:

	 $  steghide  extract  -sf  stg.bmp -pf	- -p "This is a	passphrase." |
       gunzip |	less

       If you pass data	to steghide via	standard input	or  from  steghide  to
       another program via standard output, you	need to	specify	the passphrase
       on the command line with	the -p argument	(as shown in the two  commands
       above).

AUTHOR
       Stefan Hetzl <shetzl@teleweb.at>

				  14 May 2002			   steghide(1)

NAME | SYNOPSIS | DESCRIPTION | COMMANDS | ARGUMENTS | EXAMPLES | AUTHOR

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=steghide&manpath=FreeBSD+Ports+5.1-RELEASE>

home | help