Brute force attack ...
 
Notifications
Clear all

Brute force attack in steganography case

7 Posts
4 Users
0 Likes
503 Views
(@jegham)
Posts: 40
Eminent Member
Topic starter
 

Through your experience…what is the best reliable software you used to brute force a password in stegnagrophy case ?

 
Posted : 30/04/2008 1:01 am
 ddow
(@ddow)
Posts: 278
Reputable Member
 

GIYF.

 
Posted : 30/04/2008 4:46 am
(@jegham)
Posts: 40
Eminent Member
Topic starter
 

GIYF.

????

 
Posted : 30/04/2008 10:35 am
Jamie
(@jamie)
Posts: 1288
Moderator
 

Google Is Your Friend

 
Posted : 30/04/2008 11:57 am
(@jegham)
Posts: 40
Eminent Member
Topic starter
 

Google Is Your Friend

D Thanks for the clarification.

But i checked Google and yahoo…and the only tool that i found is stegbreak but it doesn't run normally, it has errors…

 
Posted : 30/04/2008 7:48 pm
keydet89
(@keydet89)
Posts: 3568
Famed Member
 

Part of the issue may be with the concept itself.

For example, the last time I looked at S-Tools4, you'd get a dialog box prompting you for a passphrase even if you had never embedded anything in the image before.

I guess it all goes back to the question of how do you get an arbitrary file (image, movie, sound, etc.) and determine whether or not anything was stego'd into it? Some of the research I've seen by Provos indicates that even if you know the specific tool and version used to stego a file, the best you can do is determine the probability that something was stego'd into the 'carrier' file. Oddly enough, the same person also wrote stego algorithms that he claims defeated statistical analysis methods of stego detection.

Even this presentation states that you need the original, un-stego'd copy of the file for analysis
http//security.ngoinabox.org/Documentation/Misc/Stego-cryptanalysis.pdf

Other stuff
http//www.citi.umich.edu/techreports/reports/citi-tr-01-11.pdf

 
Posted : 30/04/2008 8:02 pm
(@jegham)
Posts: 40
Eminent Member
Topic starter
 

Part of the issue may be with the concept itself.

For example, the last time I looked at S-Tools4, you'd get a dialog box prompting you for a passphrase even if you had never embedded anything in the image before.

I guess it all goes back to the question of how do you get an arbitrary file (image, movie, sound, etc.) and determine whether or not anything was stego'd into it? Some of the research I've seen by Provos indicates that even if you know the specific tool and version used to stego a file, the best you can do is determine the probability that something was stego'd into the 'carrier' file. Oddly enough, the same person also wrote stego algorithms that he claims defeated statistical analysis methods of stego detection.

Even this presentation states that you need the original, un-stego'd copy of the file for analysis
http//security.ngoinabox.org/Documentation/Misc/Stego-cryptanalysis.pdf

Other stuff
http//www.citi.umich.edu/techreports/reports/citi-tr-01-11.pdf

This is very interesting….especially the first PDF…Thanks a lot

 
Posted : 30/04/2008 11:16 pm
Share: