[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4E76F624.8090305@bredband.net>
Date: Mon, 19 Sep 2011 09:58:28 +0200
From: magnum <rawsmooth@...dband.net>
To: john-users@...ts.openwall.com
Subject: Re: Steganography Passphrase Cracking
On 2011-09-19 09:01, firstname lastname wrote:
...
> For instance, MP3Stego tool by Fabien Petitcolas can be used to hide
> text files inside an MP3 file. You can protect your hidden data using
> a passphrase.
>
> While decoding, we need to supply the passphrase to extract the
> hidden data from the mp3:
>
> decode.exe -X -P<pass> sample.mp3
>
> I did some research on how to extract the hash from this mp3 file and
> didn't make much progress. It uses 3DES to encrypt the hidden data
> and SHA-1 to generate pseudo random bits.
What happens if you supply the wrong password to decode.exe? Does it
recognise it was wrong, or does it extract garbage data? If it's the
latter, we may have no way to detect a correct guess unless there's
known plaintext (eg. file magic) in the hidden data.
magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
