Howdy all!

Today I have, instead of malware and hax, something a little different.

The app makes use of simple stream ciphers to embed any other file I want into any picture I want WITHOUT breaking the original pic.

Recall from one of my other posts that they(malware writers) did utilize a form of steganography, but either didn’t embed another pic or didn’t care to.

The application makes use of a key file in the following format:
-=-enctype-=–=-newline-=–=-lengthoforiginaljpg-=–=-newline-=–=-lengthofencodedexe-=–=-newline-=–=-keyvalue-=–=-GironSec-=-
Like all key files, they need to be kept in a safe place.

Since I’m not exactly using powerful encryption here(RC4 / bitwise operations), there is a weakness – the encrypted content can be brute forced as the key is of variable length. The idea here however isn’t powerful encryption, but to instead hide in plain sight. A small program tacked onto a large JPG will be invisible to both the reverser and the naked eye.

Download the app / source here.

Happy Hacking!