Inkqubo yefayile steganography

Molo, Habr.

Ndingathanda ukukubonisa iprojekthi encinci kuyo i-steganography, eyenziwe ngexesha lam lokuphumla ekufundeni.

Ndenze iprojekthi yokugcina efihliweyo yolwazi kwinkqubo yefayile (emva koko FS).
Oku kunokusetyenziswa ukubiwa ulwazi oluyimfihlo ngeenjongo zemfundo.

ILinux FS endala kakhulu yakhethwa njengomzekelo ext2.

Ukuphunyezwa

Iingqwalasela zokuPhumeza

Ukuba kulungile "ukucalula" umgangatho we-ext2, ngoko ungayifaka endaweni yoko kwiFS kukho into ebizwa ngokuba yi-extXNUMX. Iibhloko ezinkulu, enika ulwazi olusisiseko malunga nenkqubo. Emva kokuba ndifunyenwe Vimba Bitmap и Inode Table. Phantse kwangoko, umbono wokurekhoda ulwazi kwiibhloko zeFS ezingenanto zazalwa. Ngoku bekufanelekile ukucinga malunga nokukhuselwa kwiprogram exhobileyo hex umhleli.

Ukuba ugcina ulwazi olufihliweyo ngaphandle koguqulelo oluntsonkothileyo, ngoko ke, nangona lufifi kwiFS, luya kuhlala lubonakala kakhulu, ngakumbi ukuba umdwelisi wenkqubo uyazi ukuba ajonge ntoni. Ngoko ke, kwagqitywa ekubeni kufihlwe zonke iibhloko zefayile yemvelaphi. Ndikhethe ibhloko cipher AES, kodwa njengoko uqonda, oku akubalulekanga.

Ukwahlula iibhloko eziyimfuneko kubo bonke abanye xa kufundwa, kwagqitywa ekubeni kufakwe umakishi okhethekileyo kwibhloko nganye ekuqaleni kwebhloko. Lo mqondiso uguqulelwe ngokuntsonkothileyo ngokuxhomekeke kwinombolo yebhloko kwifayile yemvelaphi. Eli qhinga ngokukhawuleza lenze ukuba kungenzeki nje ukufumana iibhloko eziyimfuneko, kodwa kunye nokuqaphela ukulandelelana kwazo okuchanekileyo.

Umgaqo jikelele wokusebenza kwenkqubo.

I-algorithm yokurekhoda

Amanqaku:

• Kuqala bhala ulwazi oluthile kwindlela yefayile yomthombo;
• Cima olu lwazi (hayi yonke into);
• Ifayile eza kufihlwa yahlulwe ibe ziibhloko zobude obulinganayo, yongeza isiphawuli;
• Fihla ezibhloko;
• Beka iibhloko ezifihliweyo kwiibhloko ezingenanto zeFS.

Kubathandi bomzobo webhloko

Ngezantsi umzobo webhloko we-algorithm yokurekhoda. I-algorithm ifumana iifayile ezine njengegalelo:
-Umfanekiso wenkqubo yefayile eguquguqukayo;
-Ifayile ixhomekeke kwi-steganography;
-Ifayile ene-encryption key ye-AES;
-Ifayile enemarker.

Kuyafaneleka ukuba uqaphele kwangoko ukuba le algorithm ine-drawback enye: emva kokubhala ifayile kwiFS, akakwazi bhala nantoni na entsha kwiFS, kuba naluphi na ulwazi olutsha lunokuphela kwiibhloko esizinikezele kwifayile yethu evaliweyo, nangona oku kukwavula ithuba lokuba “sigqume imikhondo ngokukhawuleza.”

Kodwa kucacile ukuba le nto inokulungiswa njani: kuyafuneka ukuba ubhale kwakhona i-algorithm yokubhala iibhloko kwiFS. Lo ngumsebenzi oqondakalayo, kodwa odla ixesha ngokumangalisayo.
Ngenxa yobungqina beMvume khange ndiphumeze oku.

Ngenxa yoko, olu tshintsho lulandelayo luya kwenziwa kwiFS, yile ndlela iFS ikhangeleka ngayo phambi kwe-steganography (ifayile yeaudio yayirekhodwe ngaphambili).

Kwaye yile ndlela iFS ijongeka ngayo ngolwazi olusele luvaliwe.

Ukufunda i-algorithm

Amanqaku:

• Ngolwazi lwesitshixo kunye nendlela yokwakha abamakishi, qulunqa abamakishi bokuqala be-N, kunye nesiqinisekiso sokuba i-N iphindaphindwe ngobude bebhloko yefayile yefayile inkulu kunobude befayile efihliweyo;
• Khangela iibhloko kwiFS ukuqala ngabamakishi;
• Cacisa iibhloko ezifunyenweyo kwaye wahlule abamakishi;
• Qokelela iibhloko ezinesiphumo ngolandelelwano oluchanekileyo kwaye ufumane ifayile yemvelaphi.

Kubathandi bomzobo webhloko

Ngezantsi umzobo webhloko we-algorithm yokurekhoda. I-algorithm ifumana iifayile ezintathu njengegalelo:
-Umfanekiso wenkqubo yefayile;
-Ifayile ene-encryption key ye-AES;
-Ifayile enemarker.

Emva kokuba inkqubo iqhutywe, ifayile yeFunda ibonakala, eya kuba yifayile ekhutshwe kwisixokelelwano sefayile ye-steganographed; ukuba isitshixo okanye isiphawuli sichazwe ngokungalunganga, ngoko ifayile yokuFunda iya kuba ingenanto.
(kubathandi bobuhle, awukwazi ukufaka kuphela ifayile, kodwa "i-header" equlethe ulwazi lwe-meta: igama lefayile, amalungelo, ixesha lokugqibela lokuguqulwa, njl.

Ukuqalisa okuzenzekelayo

Ukwenzela lula, izikripthi ze-bash zabhalelwa ukwenza ukuqaliswa ngokuzenzekela kwi-Linux (yavavanywa ku-Ubuntu 16.04.3 LTS).
Makhe sijonge ukuqaliswa kwenyathelo ngenyathelo.
Rekhoda:

1. sudo Copy_Flash.sh "DEVICE" - fumana umfanekiso weFS kwiDEVICE (flash);
2. ./Write.sh "IFILE" "ISIHLOKO" "UMAKI" - yenza indawo ebonakalayo, khuphela iilayibrari eziyimfuneko kwaye uqhube iskripthi sokubhala;
3. sudo ./Write_Flash.sh "DEVICE" - bhala iFS etshintshileyo kwakhona kwiDEVICE.

Ukufunda:

1. sudo Copy_Flash.sh "DEVICE" - fumana umfanekiso weFS kwiDEVICE (flash);
2. ./Read.sh “KEY” ‘UMARKER’ - yenza imeko-bume ebonakalayo, khuphela iilayibrari eziyimfuneko kwaye uqhube ukutsiba ukufunda;
3. Kuluhlu lwangoku, vula ifayile yokuFunda - olu lulwazi oluzip.

isiphelo

Le ndlela ye-steganography mhlawumbi idinga ukuphuculwa, uvavanyo olongezelelweyo kunye nokwandiswa kwiinkqubo zefayile ezidumileyo, ezifana Amafutha32, NTFS и ext4.
Kodwa injongo yalo msebenzi yayikukubonisa umgaqo onokuthi uqhube ngayo ukugcinwa okufihlakeleyo kolwazi kwinkqubo yefayile.
Ngoncedo lwe-algorithms enjalo, ungagcina ulwazi ngokungenaloyiko, kwaye ukuba, ukuba uyasazi isitshixo, kunokwenzeka ukuba uqhekeze inkqubo enjalo kungengamandla akhohlakeleyo (kodwa nge-algorithm ende kakhulu), ngoko ngaphandle kokwazi isitshixo, oku. inkqubo ibonakala kum izinzile ngokupheleleyo, nangona kunjalo, oku kunokusebenza njengesizathu senqaku elahlukileyo.

Yonke ikhowudi iphunyezwe kwi-Python version 3.5.2. Umzekelo womsebenzi iboniswe kwitshaneli yam ye-youtube. Ikhowudi epheleleyo yeprojekthi ifakwe kwi github.
(Ewe, ewe, ndiyazi ukuba kwinguqulo yemveliso kufuneka ubhale into "ekhawulezayo", umzekelo C 😉)
Kolu kuphunyezwa, ubungakanani befayile yokufaka i-steganography akufanele idlule i-1000 kB.

Ndifuna ukubonisa umbulelo wam kumsebenzisi PavelMSTU ukufumana iingcebiso ezixabisekileyo ekucwangciseni isifundo kunye neengcebiso malunga noyilo lwenqaku.

umthombo: www.habr.com