1. Lorenzo Petrone Avatar Lorenzo Petrone
  2. Untitled project
  3. stegosauro

Wiki

Clone wiki

stegosauro / Home

View History

Introduction

stegosauro is an auto-destructive steganographic encoder. It works by recording the desired information into files' access time, hence whenever someone opens those files without using stegosauro itself, that information gets deleted.

Currently it is very simple, but it might be upgraded in future to be more auto-destructive (using the subdirectory access times too, for instance).

Guide

The typical use is on a remote server command-line.

  • create a directory tree full of files
  • ensure that there are no processes accessing that tree
  • run stegosauro on that tree

An `ls` on the main dir of the tree will be enough to harm the data, but it would still be recoverable. Opening any file will permanently destroy part of the data.

Limitations

Notice that it can only store a trivial amount of data, i.e. 2 bytes per file. Hence, if you happen to need to save a lot of data, you'll have to use it on a directory tree with a huge number of files (hint: maybe some kind of cache directory).

AFAIK it doesn't work on Windows filesystems, since they don't store properly the atime.

Please always remember how volatile the saved data is: if you have any filesystem crawler, it will destroy your saved data! It shouldn't be used to store the only copy of a particular piece of information!

Mind that currently it might produce some files with an atime in the future.

History

I wrote this in 2002 as a C program for a Security exam, then I kind of abandoned it. Back in those days, Internet existed but it wasn't that common, and the main file exchange media were floppys, CDs and HDs. With CDs it was quite obviously useless, and if somebody put his hands on a hot floppy or HD he would have likely datadumped it before even mounting it (unless he was an incompetent, of course), thus making this measure useless again.

Now that Internet is as widespread as it is, and VPSs are more and more common, stegosauro could finally find someone actually interested in using it. Hence, I rewrote it from scratch using python 3 in a few hours.

Updated