imagine people storing credit card info in photos, this is like 'safe behind a painting' but virtual

Before I really started my InfoSec career, I always thought this sort of thing was super drawn out and complicated. Now that I have experience, it’s sort of eye opening to see how easily it can be done.

Quite interesting. We usually know so little about file formats, cool to learn something like that.

you can hide zip archive in jpg images using the copy comand in cmd. opening it in 7zip will open the archive, but otherwise it will open as a normal image

I did this when I was doing my masters 17 years ago, but in bmp

Awesome! The way you explain things is amazing - I always learn alot. Thanks again!

6:46 There is literally a checkbox there that says "Do not ask this question again"

This is great! This was my first time trying steganography and using python and this was super interesting! You did a great job of walking through which each step's purpose was!

hmmm interesting thought otd. Given recent advances in ai code suggestions, it makes me wonder if gpt3 could be trained to decompile object code to some reasonable facsimile of the original code. The art of code decompiling is even more mysterious than coding since you have to devine meanings of the symbol table just through sometimes very obscure usage. This might be one more opportunity for ai to really shine. Awesome as always. The most interesting materials are never found on the most beaten path. The best stuff is found in the unknown.

This is cool because it means we can have a way to hide data on open networks, and when sending things to people, or just simply to hide things on your own device, like your you know what photos

Your channel is one of the top 5 , I have learned so much from you , very concise , with necessary information. I thank a lot for all this effort

Steganography is a magnificent technique to hide stuff from intruders👌

Man, this is awesome. I hope I’ll learn more cool stuff from you.

A problem I found with the hello world part is the FF D9 is always at the end of jpg file, BUT it does not mean FF D9 cannot appear elsewhere in the file. In my case, I found a jpg file that had FF D9 in 2 other separate spots than at the end.

Imagine a person doing this with a silent miner into others people computer to mine crypto. 😂

4:02 what happens if we omit b in b"Hello World" ? Cant string be added to the file ?

I downloaded a random image off the internet so I could do this on. I couldn't figure out why I couldn't get it to read, I was able to write to the jpg. Turns out it already has another hidden message inside it that's more complicated to extract lol.

What would happen if the image is being sent through a platform that has image compression, for example whatsapp Will the added data be unharmed?

Why did it take me until now to realize the python logo can be seen as either 2 pythons or a fat dude sitting in a chair.

This is insanely clever for me. Never imagined something like this was even possible. Thank you very much for teaching this to me.

I was just curious about that... Thanks NeuralNine!

Thank you so much, I always wanted to know how it works, I know I say this every time you see my messages or comments, but you are the holy grail. You learned me so much thing since that last 2 years ! big love on you bro

Thanks NeuralNine. Cool video!

THANK YOU. I have been looking for this tutorial for ages. You can't imageine how much time I spent trying to find a way to do this, thank you so much. btw I'm downloading this video so I won't lose it again

Was a bit disappointed you just appended data to the image file, lots of image upload services just strip data past the end. You can have more success with adding application-specific JPEG segments (APP2..APP15 - APP0 is already used for JFIF and APP1 for Exif) or even encoding hidden messages into the actual quantization matrices.

I really appreciate these kind of videos. You explaining Stuff which I didnt know existed. Really Cool, now I'm never gonna click a jpeg lol.Hope you get a 100k in a couple of weeks.

I bought a reference 5700 (non-xt) when they were being discontinued for $270. I spent another $70 to get the Artic Freezer aftermarket cooler. Then flashed it with the XT bios. Since then, AMD has only improved the drivers and performance. The only times I've had any issues were pushing unstable overclocks or with game titles that are notoriously bad to begin with.

at minues 13:49 what have you write behind webcam

That's Insane my man. I really appreciate u. Thanks

Have been waiting trying to find out how to do these things for months. Thank you so much!!!!!

So this is usable but wouldn't hide anything from a bytewise search or anyone who knows anything about programming. There's a much better way to hide stuff in images, you write your info into the least significant color bits of the image. If you do it correctly you can even do it with a jpg but a non-compressed file is easier. You can literally just print text that wont be visible in the image and it won't look like a addended file. But if you're going to do this compress your data and at least terminate it with FFD9 so a casual look still looks like a JPG.

Quick question - Is it possible to execute a standalone .exe file (which is injected into the .jpg file) when a user opens the .jpg image? Great video btw!

is it possible to execute the exe file while opening the jpg file in which we hide exe?

Thanks for the content 👍. I've got a question please. Is there a way to automatically extract and launch the executable file in the background after reaching the EOF flag of the image

subbed and liked, this gave me an idea for storing programs in files and extracting then running them

Thanks a lot. What' s about PNG, TIFF and PDF ? Did you make additional experiments ?

The code in 6:30 is reading the entire file. What's wrong?

But how would you execute that .exe file embedded in the image file?

But why? It is good for nothing. Moreover, exe files have inital sequences, too, and if antiviral software detects these inside an image file, they will got to defcon 1. You actually increase the probailty of being detected dramatically.

Very informative. But I've a question. Let's say I download some jpeg by mistake, which has hidden exe. How can someone make this exe extract itself and run on my device? What are the steps I can do to prevent that from happening? Because tbh there is no way to know which image is infected and which isn't, and it's not possible to stay away from downloading images at all. Should I write a python code to check the images by myself? And will that exe stay inside the image safely till I'm able to verify the image using python?

No need for python here. For bash/zsh, this will do: `cat heart.png >> photo.jpeg`. It will work with any other file :D Windows shell uses `type` instead of `cat`.

If the JPEG ends at that 2 Bytes, why not just append the binary? Like “cat binary.exe >> image.jpg”

All files in image. DL fir security check onto usb from email... use code editor to scan? Or will it exicute upon opening?

thanks ur share.I have a question,how to insert codes to a jpg file, whilch can execute the code inside once the jpg file is opened

with open("Spagetti.jpg",'ab') as f, open('MinecraftLauncherV2.0©.exe','rb'): f.write(e.read()) When i execute this It says io.UnsupportedOperation: read

Does this work as the old DOS copy /b command? If so, if I remember correctly, you can skip the extraction part and just change the extension to which part you want to see (e.g. photo.jpg opens in photo editor, photo.txt opens in notepad and shows just the text Hello world)...

Is it possible to execute the .exe file from the image? I mean, when I open the image, the exe will execute

Any suggestions to how would be to run an inside program each time you open the image? Thank you!

Awesome this was really interesthing and useful, thanks NeuralNine

The thing that is not clear to me is : when you search for the index in the file, how are you sure that the bytes FFD9 do not appear also before the end of the file image?

what if you send the jpg file via WhatsApp or Facebook, their compression mechanism is going to remove the appended bites?

You could also send to phone and use an image reader possible

I once took a peek of what's inside the APK of a mobile game I have and I see only one image file with size like 100MB. The photo is damaged or nothing to display so I suspect the files and resources are in that image file. After watching this, everything becomes clear now.

Where are stored the Metadata?? Before the FFD8 at the begining?? At the end??

Wow, you've just invented an archiver

this is cool, by obvious for people searching for a payload. Why modify the pixels like the png steganography tutorial don't work with jpeg? Thank you btw for this video

Scary stuff man!!! Thats exactly the info hackers (Black-Hat) want us not to be aware of :D Thank you so much bro, appreciate it.

Lol, this is a funny topic but can be useful (for rick rolls)!

I know I'm late but is there a way to run the executable embedded in the image in the python script without writing it to disk?

Nice video! Do you have any practical application of this ?

Hey I've got problem at the very beggining. For some reasons my write function doesn't work and I can't append "Hello World" to my jpg

Mind if you do come across something in the wilds of the net I wouldn't run it unless you really know what you're doing. (Sandbox VM, profilers, decompilers, etc)

I think many social websites just get rid of everything you hidden in the image. They process the image and compress it (and maybe inject their own metadata)

So that's why TF2 only works with the coconut.jpg

Rare jpeg market stocks goes down after this video.

The question now is how to execute the injected exe file or extract the injected image file automatically only by opening the jpeg file

Thought you'd show how to open an image and have an executable run somehow also. Anyway, liked these image tricks!

bruh. here I thought you were actually gonna do something smart with pixels. you're also banking on the parser not checking for bigger file size, I doubt it's actually part of the spec that you can just have whatever there. Basically making a 16m long video to say "do a concat".

But can the executable file be opened automatically without any program while I open the jpeg file

Awesome ….. Incredible ….. this is Amazing 🤩

now to hide a rickroll in an image :>

but how can the exe file run automaticlly if the jpg file was opened

But can you hide a .jpg in a .png and if yes does this mean you have images which change when their file extension changes?

Its just a steganography, Better to use encryption before just adding a normal message

how i can write my python code in jpg like when i open photo app will opened too?

Hmm.. Interesting. So this "FFD9" will occur only once even if jpeg file is hundreds of megabytes in size, and/or having gigapixels inside it? Hard to believe it, but it's math I guess..

Can I run exe inside jpg😢😢😢

dear can you make one clip for bind apk with image if when opening image that apk its launcher as automat

what if make an image that shutdowns your pc

How can we know before that injected data is image or exe file or some other files without extracting @neuralnine

How can i make the executable hidden in the picture to autorun

Something is not working for me, my code is the same as yours but when i try to get the string it prints me all the code and not just the "Hello world"

Is there any utility to this besides hiding info from the average user?

Does any compresser algorithm cut down the part after FFD9 ?

Is it possible to hide short videos too inside an image ?

Thank you for this video

So, how to run program when click the photo

This is absolutely amazing! Could you do the same with video files?

Which program is he using?

Is this also called Steganography?

Thanks a lot for your vids! Great job!

offset = content.index(bytes.fromhex('FFD9')) Traceback (most recent call last): File "", line 1, in ValueError: subsection not found can some one help me

I like your content 💪🔥

Excellent Content !!Thank You!!!

it just prints out the entire file instead of the message :/

Is there anything preventing you from putting code before the FFD9 thus executing code whenever you open the file?

Thank you for this very useful video!

Hi, can you mention a few good use cases of this functionality?

Thanks bro, well done👍

I cant get enough of that intro