View Full Version : How to hide a .rar in a jpeg file
Matooba
December 25th, 2009, 01:08 PM
1. Get your .rar file and put it in the same directory as a jpeg picture (c:\hidden is a good place to put it)
2. Open up a command prompt by clicking Start/Run and typing “cmd” and click ok.
3. In the DOS window, type “cd c:\hidden” to navigate to the folder
4. Type “copy /b input.jpg + input.rar ouput.jpg
(where input jpeg is the picture you want to show, input.rar is the file you want to hide and output.jpg will be the name of the new combined file)
That’s it! You can double click the new file and it will show it as a picture, BUT… if you open it with winrar, you will see the files contained.
I thought I would post it due to the amount of people that asked me how.
Oh P.S. Would this be suitable for embedding copyright info in photos? Hmmmmm
Example (copy /b firefox.jpg + secret.txt.rar secretfirefox.jpg)
New Software for this, is now available from Source Forge. Get it here (http://downloads.sourceforge.net/project/hide-in-picture/hide-in-picture/2.1/hip21_en.zip?r=http%3A%2F%2Fsourceforge.net%2Fproj ects%2Fhide-in-picture%2F&ts=1332130387&use_mirror=softlayer)
Tested in on Photobucket. Heres pic/file: http://i257.photobucket.com/albums/hh222/matooba/raiostations.jpg
Limited
December 25th, 2009, 01:15 PM
Thanks alot Matooba, means now I can host small .rar files within imageshack :D, can the rar have a password?
Turns out it can http://img189.imageshack.us/i/testzw.jpg
http://img189.imageshack.us/img189/2365/testzw.jpg
Pass is test
UnevenElefant5
December 25th, 2009, 04:29 PM
Does it work with other picture types? (gif, png, etc)
L0d3x
December 26th, 2009, 02:51 AM
Cool trick.
Kornman00
December 26th, 2009, 02:56 AM
Like most other archive programs out there, winrar just scans until it finds the start of an archive header. Thus allowing custom header information or in this case, file high jinks[/technical reason]
supersniper
December 26th, 2009, 02:58 AM
can you hide other files than a .rar
like hide a movie within a picture?
Kornman00
December 26th, 2009, 03:03 AM
You can hide them, but the parent program may not open it unless you cut the hidden file out (unless it scans for the start of it's file format like winrar or jpeg does).
Proper JPEG readers go off the image size in the image header, not the actual file itself
supersniper
December 26th, 2009, 03:29 AM
hmm so if i hid a .mp3 within a .jpeg i doubt itunes would recognize it if i opened the .jpeg in itunes.
CrAsHOvErRide
December 26th, 2009, 04:56 AM
Old :P but still nifty
SiriusTexra
December 26th, 2009, 06:04 AM
Great, now I'm going to be a paranoid whore and check all the jpgs I get sent from anyone here.
p0lar_bear
December 26th, 2009, 09:16 AM
Great, now I'm going to be a paranoid whore and check all the jpgs I get sent from anyone here.
...why? The hidden file won't actually do anything until it's read by the program that processes it. You should be as wary of files embedded in jpgs as you should be standalone rars or exes.
Limited
December 27th, 2009, 09:34 AM
...why? The hidden file won't actually do anything until it's read by the program that processes it. You should be as wary of files embedded in jpgs as you should be standalone rars or exes.
I believe it was a security risk along time ago, but Microsoft patched it.
Also, instead of being wary about hidden files in JPG's, be aware of viruses in PDFs as thats more of a threat.
Kornman00
December 27th, 2009, 11:45 AM
Also, don't forget about Big Brother
he watches :tinfoil:
Rook
December 27th, 2009, 12:43 PM
death threats etc
Donut
December 27th, 2009, 01:56 PM
would rep you twice if i could. iv been wondering how to do this for a long time
DEElekgolo
December 27th, 2009, 02:03 PM
People do this on 4chan to hide cp.
Kornman00
December 27th, 2009, 02:19 PM
People do this on 4chan to hide cp.
4W5tpbTJ7V8
Matooba
December 27th, 2009, 11:09 PM
Ok, here it is in action.
I made the rar with the password (radio).
Combined them.
Uploaded to Photobucket
Link: http://i257.photobucket.com/albums/hh222/matooba/raiostations.jpg
Use save image as
then after download
use "Open With"
Choose Winrar
Enter password
Enjoy!
Donut
December 27th, 2009, 11:34 PM
so youre telling me i can hide like a 200 part rar in 200 different jpgs and upload them to photobucket for downloading? how would this work with a multi part rar?
StankBacon
December 27th, 2009, 11:45 PM
literally older than the internet.
Cortexian
December 27th, 2009, 11:52 PM
literally older than the internet.
I'm pretty sure WinRAR wasn't invented until after the internet.
Kornman00
December 28th, 2009, 12:18 AM
I'm pretty sure WinRAR wasn't invented until after the internet.
Pretty sure RAR isn't the only archiving mechanism out there. 'sup LZW.
Cortexian
December 28th, 2009, 02:38 AM
Pretty sure RAR isn't the only archiving mechanism out there. 'sup LZW.
Pretty sure this thread is specifically about embedding WinRAR archives in JEPG images. Speaking of JPEG's, they weren't invented until 1991, whereas the internet as we know it (TCP/IP communication) has been around since around 1983.
This is in fact, not older than the internet itself!
Rook
December 28th, 2009, 02:43 AM
lol
supersniper
December 28th, 2009, 02:53 AM
i'm hiding all my hax in .jpeg's now lol!
Kornman00
December 28th, 2009, 07:43 AM
Pretty sure this thread is specifically about embedding WinRAR archives in JEPG images. Speaking of JPEG's, they weren't invented until 1991, whereas the internet as we know it (TCP/IP communication) has been around since around 1983.
This is in fact, not older than the internet itself!
And I'm pretty sure I stated earlier that this can be done with other archiving formats.
Like most other archive programs out there, winrar just scans until it finds the start of an archive header.
oh, yep
Sorry, but this internet "as we know it", wasn't spawned (http://en.wikipedia.org/wiki/World_wide_web) until 1990 when Al Gore slipped and hit his head on his toilet. TCP/IP is just a protocol which the internet (http://en.wikipedia.org/wiki/Internet_Protocol_Suite), as we know it, uses.
Thus, the specific idea presented is in fact older than the internet. The application for the idea listed just uses a RAR as the archive type and the JPEG as the host type. Just because this talks about an image doesn't mean you have to continue your 2D train of thought.
The archive type being the age in question as without it, this steganography (which is older than any computer communication) method wouldn't be unless you found another data format which acted on block streams and not explicitly files.
Amit
December 29th, 2009, 12:57 AM
Also, don't forget about Big Brother
he watches :tinfoil:
:smithicide:
Cortexian
December 29th, 2009, 02:41 AM
And I'm pretty sure I stated earlier that this can be done with other archiving formats.
oh, yep
Sorry, but this internet "as we know it", wasn't spawned (http://en.wikipedia.org/wiki/World_wide_web) until 1990 when Al Gore slipped and hit his head on his toilet. TCP/IP is just a protocol which the internet (http://en.wikipedia.org/wiki/Internet_Protocol_Suite), as we know it, uses.
Thus, the specific idea presented is in fact older than the internet. The application for the idea listed just uses a RAR as the archive type and the JPEG as the host type. Just because this talks about an image doesn't mean you have to continue your 2D train of thought.
The archive type being the age in question as without it, this steganography (which is older than any computer communication) method wouldn't be unless you found another data format which acted on block streams and not explicitly files.
Regardless, JPEG wasn't invented until 1991 so the internet was still released before it.
p0lar_bear
December 29th, 2009, 04:35 AM
This just in:
Nobody gives a shit.
Literalists gtfo.
Kornman00
December 29th, 2009, 05:12 AM
Regardless, JPEG wasn't invented until 1991 so the internet was still released before it.
Regardless, you need to invest in some 3D glasses because a jpeg isn't the only usable host type.
Thus, the specific idea presented is in fact older than the internet. The application for the idea listed just uses a RAR as the archive type and the JPEG as the host type. Just because this talks about an image doesn't mean you have to continue your 2D train of thought.
The archive type being the age in question as without it, this steganography (which is older than any computer communication) method wouldn't be unless you found another data format which acted on block streams and not explicitly files.
supersniper
December 29th, 2009, 06:47 AM
I concure :downsdance:
Cortexian
December 29th, 2009, 12:32 PM
"How to hide a .rar in a jpeg file"
literally older than the internet.
No.
Internet = 1990
JPEG = 1991
You can't debate it at all, lmao
Cojafoji
December 29th, 2009, 01:27 PM
i hate to be "that" guy, but jesus, you guys only just found out about this?
Limited
December 29th, 2009, 01:31 PM
i hate to be "that" guy, but jesus, you guys only just found out about this?
How to do this.
TheGhost
December 29th, 2009, 06:37 PM
Ughhh, Freelancer, just let it go. :shake:
Timo
December 29th, 2009, 07:50 PM
"How to hide a .rar in a jpeg file"
No.
Internet = 1990
JPEG = 1991
You can't debate it at all, lmao
:shutup:
Kornman00
December 29th, 2009, 08:30 PM
You can't debate it at all, lmao
No, it's just you can't debate it with an internet bigot like yourself
l m a o
E: Don't remember? Or are just blind to anything which proves you wrong?
5th post down
Like most other archive programs out there, winrar just scans until it finds the start of an archive header. Thus allowing custom header information or in this case, file high jinks[/technical reason]
That's the second time I've had to quote this for you
Of course you fail to see, you will always fail to see anything which isn't contorted in your one-way street opinion. You try thinking you're hot shit "correcting" someone, but when someone proves you wrong, you get all humpty dumpty and have a big fall.
Cortexian
December 29th, 2009, 09:02 PM
Sorry that I fail to see how this is older than the internet itself if the internet was around in 1990, and JPEG's weren't invented until 1991. I'm fairly sure WinRAR archives weren't around until after that either, therefore it was impossible to embed a .rar in a .jpg before the internet was invented.
Jesus Christ, that's my entire fucking point, there's no reason to argue about it since I'm right. I don't remember mentioning anything about embedding other types of archives in other types of files anywhere!
Timo
December 29th, 2009, 11:21 PM
nobody cares
shut up
etc
=sw=warlord
December 30th, 2009, 08:15 AM
In other news, anyone here use PGP encryption here much?
I was talking to a friend not too long ago about all the "leaks" and he suggested PGP file encryption, to my understanding it hides what ever file you want into a executable and make's it near impossible to crack unless you have the password?
Im just curious because it could help with a few people here doing their projects and if it was feasible to use this for transferring beta's, bit like putting archives into image files.
CrAsHOvErRide
December 30th, 2009, 08:36 AM
In other news, anyone here use PGP encryption here much?
I was talking to a friend not too long ago about all the "leaks" and he suggested PGP file encryption, to my understanding it hides what ever file you want into a executable and make's it near impossible to crack unless you have the password?
Im just curious because it could help with a few people here doing their projects and if it was feasible to use this for transferring beta's, bit like putting archives into image files.
You can also hide files in a rar file with a password and never get it out. It's quite easy to program that yourself.
Let's say you want to hide a number: 22.
Now you encrypt that number 22 with a password which would be something like *PasswordNumberHere* + 4.
So you would have (in the case of Password = 33):
22 * 33 + 4 = 730
To decrypt that number you will have to know the password:
(730 - 4) / *PasswordNumberHere* = ?
You can try all the possible numbers but in the case of a MD5 hash, trying to brute force it is nearly impossible. Of course, the Password is stored NO WHERE in the file. This is such an easy and almost unbreakable (relative) protection.
Kalub
December 30th, 2009, 07:02 PM
Ya lost me Pat...
Dwood
December 30th, 2009, 07:10 PM
Someone make a program that lets us use expressions like that or give me a link to one.
Matooba
December 30th, 2009, 08:18 PM
Someone make a program that lets us use expressions like that or give me a link to one.
I was just talking with Kornman00 about this.
Gonna try to make a app for this. Im not the greatest in making app's but I've made a few and I think I can make this.
Donut
January 2nd, 2010, 07:37 PM
Let's say you want to hide a number: 22.
Now you encrypt that number 22 with a password which would be something like *PasswordNumberHere* + 4.
So you would have (in the case of Password = 33):
22 * 33 + 4 = 730
To decrypt that number you will have to know the password:
(730 - 4) / *PasswordNumberHere* = ?
couldnt you just type in 33 and get the number out? im sorry but this is really confusing. what do you mean by hiding 22? is 22 the password or is 33 the password? or is the password itself a mathematical equation?
CrAsHOvErRide
January 2nd, 2010, 08:04 PM
22 is the data you want to hide. And yes obviously if you KNOW the password which is 33 you get the data back (22). Let me try to make another example:
You have some raw data like an array of numbers:
22 33 44 55Now you want to encrypt to hide that data. Let's say the encryption algorithm is "Array Number * Password" so it would be:
22 * Password
33 * Password
44 * Password
55 * Passwordnow you would get if the password would be "2":
44 66 88 110Now what you additionally add is a Checksum (I excluded that for the sake of simplicity from my last post). Now let's make a simple checksum which is to add all raw array numbers together:
22 + 33 + 44 + 55 = 154So our raw data was: 22 33 44 55
Our encrypted data is: 44 66 88 110
and our Checksum is: 154
Now the RAR file would basically contain the encrypted data AND the Checksum and nothing else.
Now to decrypt this you NEED THE PASSWORD. It is NOWHERE stored in the file. The password is basically part of the data and that's why you cannot extract it!
So if we want our raw data back we have to do 2 things ("/" means divided by :P):
First: Decrypt the data with the password:
44 / *Password*
66 / *Password*
88 / *Password*
110 / *Password*Second: The new raw data has to match against the Checksum:
44 / *Password* + 66 / *Password* + 88 / *Password* + 110 /*Password* = 154If the second condition is NOT correct the PASSWORD is wrong! (Try it in WinRar yourself. Enter a wrong password and it will say "CRC Error...Wrong Password maybe?" Of course the data could be corrupt as well but that's more unlikely than the password to be wrong).
You can see as well that only Brute Forcing will help you retrieve the password.
44 / 2
66 / 2
88 / 2
110 / 2
= 22 33 44 55
and
22 + 33 + 44 + 55= 154
..so "2" is the correct password and we have our raw data back!
Donut
January 3rd, 2010, 02:15 AM
i follow the math part of it but the rest loses me.
CrAsHOvErRide
January 3rd, 2010, 07:11 AM
argh it's soo easy xD
Donut
January 3rd, 2010, 09:15 PM
im sure its like one little thing that im not picking up too :lol:
Limited
January 4th, 2010, 12:21 PM
Gosh >_<. Its just a simple maths algorithm. Your taking the raw data and adding some sort of function that changes it to a new set of raw data. (This is done so you cant just open it up and read the raw data).
Basically, if you did any OTHER number but 2, the output would not be the original numbers.
The checksum, is basically to check the sum. What you do is you would use the 'password' number to do the opposite than you did before, (multiplied to encrypt, divided to decrypt), you'd then have a test 'password'. At this stage you have no idea if its correct or not. You would then take the encryped raw data numbers and apply the password to them. (44 / 'password' = ??)
In pats example it would be this.
44 66 88 100 becomes
22 33 44 55
You'd then add those numbers back up, and check it against the checksum value, which is 154. If it equals it, bingo! You have the password.
Kornman00
January 4th, 2010, 12:43 PM
so, how 'bout those rars
CrAsHOvErRide
January 4th, 2010, 02:02 PM
so, how 'bout those rars
rar files compress with the password and consequently the raw data becomes encrypted. Checksum is CRC32 and the compression algo can be read upon Wiki.
You know this shit already :realsmug:
Dwood
January 5th, 2010, 12:12 AM
So how does compression work when encrypting random file types? say, an exe?
CrAsHOvErRide
January 5th, 2010, 07:23 AM
It doesn't matter what file you compress because they all contain the same form of data: A lot of random byte.
How about we build our own compression just now? It's gonna be simple!
Let's say again we have this raw data:
00 00 00 00 00 11 11 11 11 11 88 88 88 88 88 88 88 88
I'll let you think for a min on how to compress it....
Alright first of all everyone should have seen a pattern in that raw data. Many of the bytes repeat themselves and that's where we are going to compress it!
The compression scheme will be like this:
First we need an indicator like "FF" byte that shows the program decompressing it where to start.
Second we need to say what byte to repeat.
Third we need to say how many times to repeat that byte.
So if we take the previous code and take the first chunk of it ( 00 00 00 00 00 ) we can compress it as following:
First we set the indicator byte:
FF
Then we set how many times those "00" are in there.
FF 05
And then what type of data it is. In this case "00":
FF 05 00
So as you can see we have compressed the data down from
00 00 00 00 00 (5 bytes)
to
FF 05 00 (3 bytes)
Now the decompressing program reads those 3 bytes and turns them again into those 5 bytes. That's how compression basically work.
And this is why you can compress the Halo map files so much because they have a lot of empty space in between!
The Zip compression is based on the Huffman coding (http://en.wikipedia.org/wiki/Huffman_coding). It's a relative easy concept but Wikipedia has to throw around with math signs again so you might have to find another site if you interested in understanding that.
Non-archived files like .exe files that decompress themselves at runtime use another technique even though the compression algo remains similar. Those type of files have a decompressor program basically attached to them before the real application gets executed. It decompressed the real application and "launches" it.
Kornman00
January 5th, 2010, 10:58 AM
Was suppose to be read like "so how 'bout them cowboys"
ie; not seriously
CrAsHOvErRide
January 7th, 2010, 06:44 PM
ie; I don't understand English %-)
Matooba
March 18th, 2012, 11:18 PM
New Software for this, is now available from Source Forge. Get it here (http://downloads.sourceforge.net/project/hide-in-picture/hide-in-picture/2.1/hip21_en.zip?r=http%3A%2F%2Fsourceforge.net%2Fproj ects%2Fhide-in-picture%2F&ts=1332130387&use_mirror=softlayer)
Info Url: http://sourceforge.net/projects/hide-in-picture/
Powered by vBulletin® Version 4.2.5 Copyright © 2024 vBulletin Solutions Inc. All rights reserved.