\n
![\"xv1\"](\"http:\/\/www.gironsec.com\/blog\/wp-content\/uploads\/2014\/03\/xv1.png\")
<\/a><\/p>\nThe app makes use of simple stream ciphers to embed any other file I want into any picture I want WITHOUT breaking the original pic.<\/p>\n
Recall from one of my other posts<\/a> that they(malware writers) did utilize a form of steganography, but either didn’t embed another pic or didn’t care to. <\/p>\n The application makes use of a key file in the following format: Since I’m not exactly using powerful encryption here(RC4 \/ bitwise operations), there is a weakness – the encrypted content can be brute forced as the key is of variable length. The idea here however isn’t powerful encryption, but to instead hide in plain sight. A small program tacked onto a large JPG will be invisible to both the reverser and the naked eye. <\/p>\n Download the app \/ source here<\/a>.<\/p>\n Happy Hacking!<\/p>\n
\n-=-enctype-=–=-newline-=–=-lengthoforiginaljpg-=–=-newline-=–=-lengthofencodedexe-=–=-newline-=–=-keyvalue-=–=-GironSec-=-
\nLike all key files, they need to be kept in a safe place. <\/p>\n