Girls Go CyberStart is a fun series of cyber challenges where a curious mind and a willingness to try are your best tools. You don’t need any cybersecurity background to succeed! But if you like to warm up your cyber muscles before a race, these Practice Puzzles will give you a look at the types of challenges in GGCS along with tips and tricks to solving them. You could be solving challenges like these soon! Find out more and sign up to get competition updates here.
Puzzle #2: download a photograph of a duck and see if you can find the message inside. Hint: Notepad++
Solution — There were 3 clues that would help you solve this puzzle:
1. “Find the message inside” should tell you that it is not something you can see from looking at the actual picture
2. Notepad++ is a tool for text
3. The word “Steganography” is in the puzzle name.
Steganography definition: the practice of hiding data within an ordinary file, so that the presence of the data itself is hidden.
–also known as “Security through obscurity” or “Hiding in Plain Sight”.
With regular encryption the goal is to make the message unreadable to anyone who doesn’t have the decryption key. Steganography hides the fact that a secret is being exchanged at all!
A common example of Steganography is to hide text data within a graphic file. Text files are quite small in size while graphic files require lots of bits. This means that inserting some text into a graphic won’t impact the look of the picture and so will be undetectable to the naked eye.
One way to solve Puzzle #2 is to open the Duck.jpg picture in Notepad++. Most of the content will look like garbage so your goal is to visually scan to find real words. In this case the message is found near the bottom — “Duck . . . Duck . . . GOOSE!”
There are other tools that find text inside an image like a Hex Editor or the strings command. And there a LOT more methods of using Steganography to hide messages including using sound files and special software. We will be revisiting this topic in future posts!
Resources: Wired Article “What is Steganography (it’s basically hiding bad things in good things)” https://www.wired.com/story/steganography-hacker-lexicon/