Thursday, August 19, 2004

Executable stegs?

a /. post pointing to Hydan, a
steganorgraphy tool which allows you to hide data within an executable.
This was bound to happen eventually, being yet another part of your
system with slack space.

Also, this is another one of those tools that
can be used for good (watermarks) or evil (hidden data). It may not
measure up to other steganography methods. If you have readily
available "good" copies of binaries to compare against a steg'd version,
simple MD5 checksums should be able to detect modified versions.

No comments:

Post a Comment