unforum

[Strix]

The Book of Revelation seems quite important to the Brotherhood. I did a search for the word key in the book of revelation at www.biblegateway.com and there appear to be four keys mentioned. They are: the key of death, the key of hell, the key of David and the key of the bottomless pit.

edit: I just tried death, hell, David and bottomless pit as answers - no luck

[Trace]

OK it says that hiderman hide the file yes? then mabey the people who made hiderman can check to see if this is the case, i mean im sure they would know if it was hiderman or not.... i doubt they will decrypt it for us but ...?!?!?!

[SteveMids]

Hiderman / Utilesoft.com

[James Stone]

I am a bit skeptical of the usefulness of this StegSpy software. Not only has it identified a Hiderman steg inside the photo which can not be unpacked by Hiderman, but it also fails to detect steg in various photo's I have that are definitely stegged. Some pics are from ARG's I have played, others are ones I have stegged myself, and StegSpy has failed to recognise any of them.

[SteveMids]

I have to support the comment made by James Stone (from an uninformed point of view).

He has given you details in respect of the reliablity of a piece of software that he has had experience of, and the results thereof.

It has identified Hiderman as the software used to encrypt the message, however, the version of this that is available on a freeware/shareware basis cannot identify any hidden files.

It would be unethical for the PM's to either;

1) Encourage the illegal use of software in order to solve a task, and
2) Enforce the players, to shell out for a piece of software that would only be used to solve this task.

With that said, I believe that even if you do find a working/crackable copy of version 4.x.x of Hiderman, we will ultimately be disappointed with the results.

Can we get a concensus of opinions, and by this I mean those that use Steg programs, list their own detector software AND the results that they produce?

ie.

StegSpy (version number) -----> Hiderman


Just a thought, but it seems an awful lot of work/research is being done on the basis of the results of one piece of software, especially when the research that I have done claims that an awful lot of "false positives" are produced.

(OK - so my initial claim of NO knowledge may have been a little off!!)


SM

[shimanotaka]

I have found out some more stuff.

1. I scanned the arabic forum where I found the Hiderman 4.1.3 RAR file. I guessed that the password was inside a attached text file, at the bottom of the post, that you had to be registered to access. I Googled the filename until I found a forum where there was a text file that they had missed to protect (there are a lot of arabic forums with instructions how to use Hiderman. Scary...). I now have Hiderman 4.1.3 (I think. You can't check the version anywhere)

2. In Hiderman there is an advanced option to make the truck files undetectable by Hiderman. That's why Hiderman 3.0 didn't find anything. There is also an advanced option to force extract files even though Hiderman doesn't detect anything.

3. StegSpy didn't detect a test steg file that I made with Hiderman 4.1.3, which makes me believe that the 4K.png was encoded with Hiderman 3.0 after all. If StegSpy is correct at all.

Still, even if I have the tools now, I don't have the password. Which means that I'm still on square 1.

EDIT: Aaaaaaaand back to square 0. Just for fun I ran StegSpy on some jpg-files that I've taken with my Digi-camera. Already at the second picture I tested, StegSpy claimed that Hiderman code was present! StegSpy must be the most worthless heap of 0's and 1's that I've ever laid my eyes on. All this work for nothing.

[SteveMids]

[Unfeltkisss]

Well crap then. Where do we go from here?

[WolfHawk]

[Wang Guantao]

Im no steg-spert (yes that pun will get me killed in most countries) but from what i read on wikipedia, and my limited knowledge of file formats etc, it's not possible to hide things in a png for example. PNG's are lossless compresion, and thus every byte should be significant for the creation of the image. What this means is that entering hidden information into the PNG would either ruin the file so it could not load, or produce a visibly garbled image. So I don't think this stegging angle is correct, but I have no clue how else to proceed so I almost hope im wrong.

What we could do was wimply loading the image in an image editor and playing around with colours, thresholding or other things.

maybe the four keys are written in plain text on top of the image in a colour that is 1 bit of in either direction and thus vertually impossible to notice for the human eye un altered?

That would also give a reason for the image to be PNG and not Jpg, since the lossy compression of jpegs would likely swallow this subtle alteration.

Just a thought, I don't have anything but MS Paint on this machine, so I can't investigate this option atm.

--Edit
Hehe, it just ocurred to me that StegSpy could be a viral ad program for Hiderman

[James Stone]

That analysis of Steg in a PNG file is incorrect I'm afraid. PNG files are perfect for Stegging. You split the coded message and add parts of it to every image byte, using the most unimportant bits first. PNG's are big lossless files so you get more bytes to hide data in. You could comfortably fit a steg into this PNG at 4 bits per byte, you would only start to notice the difference if you went up to 6 bits per byte and compared the original image with the stegged one.

[Wang Guantao]

Yeah I ws totally wrong about that. especially since I had misunderstood how the stegging worked. I figured it was extra bytes added to the file not alterations of the existing ones... I was about to go back and edit but you did it before me, good job =)

so yeah... guess we can't throw away the steg angle completely.

Notgord you say you've tried destegging with various passwords... how about with no password? Mosaiq (web based stegger for small images) allows you to steg and desteg with or without passwords.

[notgordian]

Haha...no password is the first thing I tried. 'Cuz I'm lazy like that.

My attempts have all been using Camoflauge, though, since I didn't think about different iterations of stegmentation programs.

[Wang Guantao]

Try a few different programs then I guess is one way to go at it.

Or if we some code guru could make a program that went through the image pixel by pixel, and discarded all but the least significant bit (or possibly 2,3,4 bits, how ever many it would take) and see if we get some nice ascii values from that?

the "Order is irrelevant" comment makes me think that stegging is not nescearily the right way to go, since that would likely produced 4 kyes in an ordere fashion if they where so hidden.

[Unfeltkisss]

I already spent some time with the image in Photoshop/ImageReady, but I'll go give it a second shot to see if I can turn up anything.