
steg86: A Versatile Steganographic Tool for Binaries
steg86 is a format-agnostic steganographic tool designed for x86 and AMD64 binaries. It allows you to conceal information within compiled programs, regardless of the executable format, including PE, ELF, Mach-O, raw, and others.
It has no performance or size impact on the files it modifies: adding a message does not increase the binary size or decrease the execution speed.
Installation Instructions for steg86
You can install steg86 using cargo with the following command:
$ cargo install steg86
Alternatively, if you prefer, you can build it directly from this repository by running:
$ cargo build
Usage:
To see a comprehensive list of flags and subcommands, run:
$ steg86 --help
Profiling:
To check a binary for its suitability for steganography, use the command:
$ steg86 profile /bin/bash
This will provide a summary for /bin/bash, including:
- 175828 total instructions
- 27957 potential semantic pairs
- 19 potential commutative instructions
- 27944 bits of information capacity (equivalent to 3493 bytes, or approximately 3KB)
Embedding:
To embed a message into a binary, use the following command:
$ steg86 embed /bin/bash ./bash.steg <<< "here is my secret message"
By default, the output from steg86 embed is written to $input.steg.
For example, /lib64/ld-linux-x86-64.so.2 will be transformed into /lib64/ld-linux-x86-64.so.2.steg. If the command steg86 embed is executed, it will terminate with a 'no' response.
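Because embedding leaves the file size unchanged, a defender holding a known-good copy can diff it against a suspect copy whose hash differs. The following is an added example, not part of steg86 or its documentation, that reports which differing bytes are explained by re-encoding a register-to-register instruction with the opposite ModR/M direction bit. That this is what the profile's "semantic pairs" are is an assumption not stated on this page; the sample bytes are constructed, all names are hypothetical, and commutative-instruction changes are not modelled, so they land in the unexplained list.

```python
# Added example: sample bytes are constructed; all names are hypothetical.
# Heuristic: bytes are interpreted only at offsets where the two images differ.
# Opcodes with a direction bit (bit 1): ADD, OR, ADC, SBB, AND, SUB, XOR, CMP, MOV.
DIRECTIONAL = {base | low
               for base in (0x00, 0x08, 0x10, 0x18, 0x20, 0x28, 0x30, 0x38, 0x88)
               for low in range(4)}

def swap_modrm(m):
    """Exchange the reg and r/m fields of a register-direct (mod=11) ModR/M byte."""
    return 0xC0 | ((m & 0x07) << 3) | ((m >> 3) & 0x07)

def is_pair_swap(orig, sus, i):
    """True if the instruction at i was re-encoded with the opposite direction bit."""
    if i + 1 >= len(orig) or orig[i] not in DIRECTIONAL or sus[i] != orig[i] ^ 0x02:
        return False
    m = orig[i + 1]
    return m >> 6 == 3 and sus[i + 1] == swap_modrm(m)

def rex_swapped(a, b):
    """True if a and b are REX prefixes differing only by exchanged R and B bits."""
    return (a & 0xF0 == 0x40 == b & 0xF0
            and b == (a & 0xFA) | ((a & 4) >> 2) | ((a & 1) << 2))

def classify(orig, sus):
    """Return (pair_swap_offsets, unexplained_offsets) for two equal-size images."""
    if len(orig) != len(sus):
        raise ValueError("size differs: not a length-preserving modification")
    swaps, other, i = [], [], 0
    while i < len(orig):
        if orig[i] == sus[i]:
            i += 1
        elif is_pair_swap(orig, sus, i):
            swaps.append(i)
            i += 2                      # opcode + ModR/M
        elif rex_swapped(orig[i], sus[i]) and is_pair_swap(orig, sus, i + 1):
            swaps.append(i + 1)
            i += 3                      # REX + opcode + ModR/M
        else:
            other.append(i)
            i += 1
    return swaps, other

# Constructed: push rbp; mov eax,ebx; xor eax,eax; mov rax,r8; ret
ORIG = bytes.fromhex("5589d831c04c89c0c3")
# Same instructions, each register-to-register one in its alternate encoding.
SUSPECT = bytes.fromhex("558bc333c0498bc0c3")

if __name__ == "__main__":
    swaps, other = classify(ORIG, SUSPECT)
    print(f"{len(swaps)} re-encoded instructions at {swaps}; unexplained bytes at {other}")
```

A same-size file whose differences are all re-encodings of this kind has been rewritten without changing behaviour, which a compiler or linker would not do to an already-built binary.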