What is Steghide
Steganography is the way of hiding a smaller file in another larger file. Steghide is an open source steganography tool. We can use Steghide to conceal a secret file into an image or audio file. In this tutorial, we will focus on using Steghide to hide your secret in an image. Steghide compresses and encrypts your secret file before embedding it in the image. It uses 128 bit AES encryption by default although you can change this.
You can use steghide to store sensitive data safely. You can also use it to send sensitive data to someone without letting anyone else know. Somebody snooping on your communication will see only that you're transmitting an innocuous image. Since the image doesn't have any markers that indicate any data is hidden inside, this can provide plausible deniability.
Install steghide
I've assumed you're using Debian or Ubuntu or one of their derivative distros. You can install steghide as follows (first update the repositories to make sure you're getting the latest version) :
sudo apt update
sudo apt install steghide
Secret file
The secret file can be of any type. It can be a text file or a zip file or a pdf file. It doesn't matter. The only thing that matters is that the secret file should be smaller than the image capacity you will get in the next step. In following example, I've used secret.txt as the secret file. And the image used to conceal the file is called somepic.jpg.
Check image capacity
To embed a file into an image you have to make sure the image has large enough capacity. So make sure your secret file is smaller than the capacity of the image. To check image capacity, execute following command. It will show you total image capacity and offer to show details of embedded data. But since there isn't any yet, type n.
steghide info somepic.jpg
Embed a secret in an image
Now that you have made sure the secret file is smaller than the image capacity, you're ready to embed your secret file into the image. After executing command given below, steghide will ask you for a passphrase, it will then compress your secret.txt file and encrypt it using the passphrase you supplied and save the output in outputpic.jpg. You won't find any visual difference between the original image and the output image hiding the secret.
steghide embed --embedfile secret.txt --coverfile somepic.jpg --stegofile outputpic.jpg
Now that you have some embedded data in outputpic.jpg, run steghide info outputpic.jpg and supply your passphrase. When asked if you want to see the details, type y, you'll see the embedded file name, it's size, which encryption was used and whether the file was compressed.
Extract the secret from the image
To Get your secret file back from the image, run following command and provide your passphrase that you used initially. Hidden data will be decrypted, decompressed and saved to secret.txt.
steghide extract --stegofile outputpic.jpg