0

Using Unix & Linux FS, I aim to write data like:

10011010 11101001 01011011 10110110 01100011 01111110 00010001 11100101 10011101 01110000 11111110 11111111 10000001 10011100 11011100 10011111

into a file (into the file "bits sequence"...to say it quick), but:

  • not in the file content,
  • nor in metadatas (ext.attributes)

Is it just possible? without breaking the file integrity in addition?

Dominique
  • 295
  • 1
  • 2
  • 8
ArchiT3K
  • 576
  • 1
  • 8
  • 34
  • 2
    You can convert them to 32-bit integers and store them in timestamps with things like `touch`. I think you will be able to store three 32-bit sequences. – Mingye Wang Sep 25 '15 at 13:29
  • @Arthur2e5 Thank you for this first. Ok for storing, what about "reverse" to file then ? – ArchiT3K Sep 25 '15 at 13:43
  • 1
    The `stat` command and `stat()` should provide all those data like access/modify/change times. The problem is if someone really modified/accessed/changed the file, the times may change and.. BOOM! – Mingye Wang Sep 25 '15 at 14:18
  • @Arthur2e5: nice, +1. It's worth noting though that on a filesystem mounted with `atime` or `relatime` options, the file's Access time will be updated every time the file is read. – cas Sep 25 '15 at 23:56
  • 1
    Wouldn't `echo` do what you want? I mean, according to http://unix.stackexchange.com/questions/65280/binary-to-hexadecimal-and-decimal-in-a-shell-script you can convert that binary data into hex data and `echo -n -e \\the_hex_value_obtained >> your_file` – YoMismo Sep 29 '15 at 07:29
  • @YoMismo Si, thank you. Still wonder where/how to put *out-of-content* bytes in the file... – ArchiT3K Sep 30 '15 at 07:02
  • @ArchiT3K what do you mean by where/how to put "out-of-content" bytes. I don't know what is your purpose. Do you want to modify the filesystem data on your own or what? – YoMismo Sep 30 '15 at 07:07
  • @YoMismo I aim to hide bytes in a file. It should be OS-FS-independant: http://unix.stackexchange.com/questions/232934/write-data-in-a-file-byte-chain-which-is-out-of-visible-content – ArchiT3K Sep 30 '15 at 07:08
  • Steganography? if that is what you want there are programs that already do that, or even better, you can code your own. Typical example of steganography was hidding info in the least significant bit of every pixel on an image. To do that you only need to read the image and modify that byte to introduce your information but in the end it is just writing bytes to a file in the right format. – YoMismo Sep 30 '15 at 07:16
  • @YoMismo That is what Im doing, actually. But I want to add this "hidden bytes" feature, into a file, out of content - for some confidential reasons. Stegano' is into the content, not out. – ArchiT3K Sep 30 '15 at 09:46

1 Answers1

1

Since this is too large for a comment I will post it as an answer...

If what you want is to write information outside of the file on the disk not being interpreted by the filesystem (so that it won't show it and ignore it while not overwriting it) then you will have to dig into the FS internals and see how to do that for that specific FS you may need to decieve it making it think a file is larger than what it is so that it won't erase your information (if you just write data on the disk the FS will think of it as free space and someday it may use it). You will also need to make the file actually shorter to allow the writing of your extra bytes outside the file and directly on the disk. You will most probably need to code your own program to do that, you can write directly to the disk with dd but to identify the right spot where you need to write it will be better to make a real program, not a script nor a simple echo command.

You may create a small partition and write your information directly there, but it will be easily spotted (small partitions or partitions withot a FS may be suspicious).

If you want to hide your information on an HD that is not going to boot, you can use the part of the MBR where the startup code goes to store your information safely (meaning it won't be overwritten by anyone -unless you write a new MBR- not that it can't be seen, since anyone can dd if=/dev/sdb of=your_file bs=512 count=1 and read the MBR if you haven't encrypted the info).

And last but not least, as I stated in the comment you can use steganography to hide your information with great results, but if you also want security you can first encrypt the information and the use steganography to hide it. The fact that the information goes inside the file or the information goes outside the file doesn't matter from a security point of view, since if the info is steg'ed it won't be visible to the naked eye. You might compare that to security through obscurity, which in the end, is no security at all.

As I stated in my comment, you can use steganography to hide the information in jpg, mp3 or any kind of file you want. You can even use text files and use the old method of hidding a message within a message (every X words is part of a new message, so if you don't know that you will read the message without noticing the other one).

YoMismo
  • 4,005
  • 1
  • 15
  • 31