# Details of LSB steganography

Time：2020-10-31

• First of all, let’s talk about bitmap

We might as well enlarge the picture of guanxi

When you zoom in, you can notice that the picture is actually made up of squares of different colors arranged from left to right and from top to bottom. Yes, there are so many different colors of grid arranged in this way to make this beautiful picture! This is called bitmap!

what? Do you think the explanation I gave you is too crude? Let me give you a more academic explanation

• So now let’s say, if I have a bunch of information right now

For example, such a string“JUST{Guan_xi_ge}

We want to hide this string of information in this photo of Crowne, so that the information we want to pass on to others can be transmitted to others with pictures as the carrier. Even if it is intercepted by some bad person, it is difficult for him to know what we really want to convey, because the information we want to convey has been hidden or written into this picture!!

• So, how to steganography?

The steganography explained to you this time isLSB(Least significant bit)Steganography.

In the previous article, we have introduced bitmaps, andLSBSteganography is a steganographic method for pictures with this format.

As mentioned in the previous article, bitmap is a fine picture composed of small squares of various colors arranged one by one.

This little grid, we call it “pixels.”.

The colors of these pixels are various to form the color picture in front of us. How can our computer recognize the color of each pixel?

Everyone should know red（R）, green（G）, blue（B）Ternary color bar, through the deployment of these three colors, we can get all the colors, and in the computer, the color of each pixel is adjusted through itsRGBIn other words, the pixels of each color are actually a group according to the computerRGBValue of.

As shown in the figure below, we select white to identify itRGBThe values of are255255255。 In the eyes of computers,RGBEach of the three colors has a value of one8Therefore, when the computer reads in, the values of these ternary colors are11111111,11111111,11111111,So, for a computer, what it sees is actually a pixel11111111 11111111 11111111Such a binary string, we call it the pixel’sRGBCode (binary), in order to facilitate people to read, we often write this string of binary string in hexadecimal form, that is#Ffffff, which is also the RGB code (hexadecimal) of this pixel.

Since for a computer, each such pixel is a binary string (e.g11111111 11111111 11111111）As we mentioned in the previous article, a bitmap is composed of rows of densely arranged pixels, so such a picture is not just a line by line binary string!(The schematic diagram is as follows)

So what do we do“JUST{Guan_xi_ge}“What about hiding it?

We know that in a computer, every character actually uses theasciiNow we can convert each character into its corresponding 8-bit binary ASCII code form to get the string as follows:

01001010 01010101 01010011 01010100 01111011 01000111 01110101 01100001 01101110 01011111 01111000 01101001 01011111 01100111 01100101 01111101

After converting the information we want to steganalysis into such a string of binary strings, we will begin to steganalyze the image!!!! Steganography, official start!!!

Now we write each bit of the binary string that we just converted into from left to right in turn to the lowest bit of every eight bit binary of the above-mentioned image (that is, write image pixels in turn)RGBLowest order of value)

For example:

After writing in this way, each bit of the information is hidden in the pixelRGBCorresponding8The last bit (the lowest bit) of a binary code, so this steganography is called“LSB(LSB) steganography“

After we write the information, we can’t see how much the picture has changed. Why? As mentioned above, in the computer, the color of each pixel is adjusted by adjusting its colorRGBAnd then, according to our steganography, the information is writtenRGBIfRGBBecause of the change of the lowest bit of our writing, it’s nothing more than that1Become0perhaps0Become1In terms of numerical value, what we’ve hiddenRGBAt most, it will change1。 In this way, for each pixel, itsRGBThe change of ingredients is very small, the color almost unchanged, so it is difficult for human eyes to detect such changes, so the information can be quietly hidden by us!

The following is implemented by Python to hide information in guanxi.bmp The Python code implementation of this figure (the note describes the code of important functions. If you want to learn the specific function details, you can do it yourself on Baidu (Baidu: Python XXX function), “XXX” is the name of the function you don’t understand, and you will find it!) :

 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 from PIL import Image         # Defining functionsgetflagConvert the content of the text to be steganalyzed into its corresponding binary string         def getflag(path): # Open the file as a binary file f = open(path, “rb”) # Read in file contents s = f.read() # Convert the contents of the file into its corresponding binary code str0 = “” for i in range(len(s)): str0 = str0+(bin(s[i]).replace(“0b”, “”)).zfill(8) f.closed return str0     # Define function for steganography of pictures def get(impath, txtpath, newpath): flag = getflag(txtpath) flen = len(flag) # Open picture im = Image.open(impath) # Read in width and height w = im.size[0] h = im.size[1] print(“width:”+str(w)) print(“height:”+str(h)) cnt = 0 # Steganograph the information bit by bit into the picture for h in range(h): for w in range(w): pix = im.getpixel((w,h)) r = pix[0] g = pix[1] b = pix[2] if cnt == flen: break r = r – r % 2 + int(flag[cnt]) cnt = cnt + 1     if cnt == flen: im.putpixel((w,h),(r,g,b)) break     g = g – g%2 + int(flag[cnt]) cnt = cnt + 1     if cnt == flen: im.putpixel((w,h),(r,g,b)) break     b = b – b%2 + int(flag[cnt]) cnt = cnt + 1 if cnt == flen: im.putpixel((w, h), (r, g, b)) break     if cnt % 3 == 0: im.putpixel((w, h),(r, g, b)) # Save the steganographic image to the corresponding path im.save(newpath)     # Start steganography impath = “E:\ctf\guanxi.bmp” txtpath = “E:\ctf\\flag.txt” newpath = “E:\ctf\guanxige.bmp” get(impath, txtpath, newpath)

• How can you extract the information from such a picture with hidden information?

As mentioned earlier, the binary string of our information is written into the pixels in the imageRGBIn order to read the information, we must first put the image of each pixelRGBThe binary string corresponding to the original information can be obtained by extracting the lowest bit of the original information. As we have said before, each character of the information corresponds to one8Bit binary code, so we read the corresponding binary string of this information in eight bits and eight bits, and convert them into characters one by one, then we can get the information hidden in it.

• Now let’s extract the information from the image

Here we introduce a steganalysis tool calledstegsolveAnd then we use it to extractlsbInformation about the steganographic image.

functionstegsolveIt needs to be installed firstjavaEnvironmental Science,javaThe installation and configuration tutorial for the environment is as follows(Double click to click open, you can also drag to the desktop or other places in the computer)

<>

Download at the same timestegsolve(Tools here, double-click to open, you can also drag to the desktop or other places in the computer)

<>

functionstegsolve

Then click“F“Ile” and then click “open” to find our steganographic image

Select, then open

Now it’s time to extract the information

click“A“Nalyse”, and then click “data extract” to enter the tool page of image bit extraction

As we have said before, to read information, we must first put the image of each pixelRGBThe binary string corresponding to the original information can be obtained by extracting the lowest bit of the original information. We can see in the tool interface,REd, green and blue each have 8-bit options, that is, which bit of R, G, B of the image pixel you want to extract, what we want to extract is their lowest bit, so check 0.

clickpreview,The tool will put each pixelRGBExtract the lowest bit of the graph and read it in 8 bits and 8 bits to get the information hidden in the graph (as shown in the figure below)

The following is the Python code implementation of extracting the information hidden in the picture by python (the note describes the code of important functions. If you want to learn the specific function details, you can use Baidu (Baidu: Python XXX function), “XXX” is the name of the function you don’t understand, and you can certainly find it!) :

 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 # coding=utf-8     from PIL import Image     # definitiongetFunction, which is used to read thelsbThe steganographic information in the steganographic image def get(impath): # Open picture im = Image.open(impath) # Read in width and height w = im.size[0] h = im.size[1] print(“width:”+str(w)) print(“height:”+str(h)) str0 = “” # Extract the lowest bit of each pixel for h in range(h): for w in range(w): # The pixel points at the corresponding position are extracted, and thenr、g、bValues of are assigned tor、g、b pix = im.getpixel((w,h)) r = pix[0] g = pix[1] b = pix[2] # Extractr、g、bAnd put in the lowest order ofstr0in str0 = str0 + str(r % 2) + str(g % 2) + str(b % 2) # Every eight bits is a binaryasciiCode, read out the corresponding characters for i in range(0,len(str0),8): print(chr(int(str0[i:i+8],2)), end = “”)     # Start steganography impath = “E:\ctf\guanxige.bmp”     get(impath)

• Seeing this, I think you must know how to do itLSBIt’s steganography. Try to steganography and unwrap the steganography!!!The first person who finished and sent me a screenshot of the process and results was awarded a cup of milk tea!

## Sqlparser a class that uses regular expressions to parse single sentence SQL

Let’s first look at the sample SQL statement to be parsed Copy codeThe code is as follows: select * from dual SELECT * frOm dual Select C1,c2 From tb select c1,c2 from tb select count(*) from t1 select c1,c2,c3 from t1 where condi1=1 Select c1,c2,c3 From t1 Where condi1=1 select c1,c2,c3 from t1,t2 where condi3=3 […]