How to hide stuff in CDs and DVDs

What do you think of this little article?

  • It's the worst piece of **** I've ever read! A total waste of time and energy

    Votes: 0 0.0%
  • OMG you've enlightened me! Now I want to be a forensic expert :D

    Votes: 0 0.0%
  • Whaaaat? I already knew about everything you said :-/

    Votes: 0 0.0%

  • Total voters
    6
Status
Not open for further replies.

The CyberShot

Broken In
How to hide stuff in CDs and DVDs

Many a times you might have wished certain stuff on your CDs and DVDs were private and accessible only to you and no one else. While you could achieve this using WinRAR or any other archiving software that can encrypt your data, it doesn't allow for quick access to the data as you need to decrypt and extract the stuff first. While this might not be much of a problem for a small amount of data, you might get into trouble when you’ve got gigabytes of ones and zeroes to hide. Now I know that for all legitimate purposes your stash of hidden data would never really get this extensive, but the keyword here is ‘legit’. What about the skeletons in your closet? (Read: porn) They need to go somewhere too, right? And you need a much larger cache for them. You *could* just take a hike and encrypt those files anyway but since questionable content has a tendency to amass gigabytes of space, you might get into some serious trouble while extracting the stuff; not to mention about the overhead associated with decryption. Your processor wouldn't be so happy about it. Oh, and a conspicuous 4GB RAR archive that also happens to be password protected does raise a few eyebrows ;-)

So what do you do? How do you hide all that illicit data you gathered from your sporadic covert operations?

Well, there are many solutions. And you can be inventive and create a new one too or just and find some more off the web and add them to this thread. Here’s what I found:

1. CD-Lock
2. Multi-Session Hiding
3. Modified Disc Image (Hex Edit)

(This list is by no means exhaustive and there might be many more innovative ways to hide stuff in optical media. If you catch any, bump this thread with your finds)

CD-Lock:
This is a fairly easy to use software tool that encrypts your stuff and then decrypts them ‘on-the-fly’ and with speed you won’t believe... literally. This program installs a system level driver and that’s probably what does the trick. I’m not sure whether it’s actually secure though, but for everyday purposes, CD-Lock might just cut it. When I tested it way back (when I was with a P4 and WinXP), it seemed a lot buggy. They’ve probably fixed the bugs by now, but you can never tell. Try it out for yourself and see what you get

URL: *www.cd-lock.com/



Multi-Session Hiding:
Now this is something I stumbled upon totally by accident. I made a multi-session disc and burnt some data into it. Then one day I went to a cyber cafe, downloaded lots of hacking tools, books, MHT webpages, etc. and other variegated content. I asked the guy who ran the cafe to burn the stuff into the DVD for me (the one I made earlier) and when he was done, I couldn't find the stuff I burnt earlier. They had vanished into thin air (or thin plastic) without leaving a trace. I did some online research and found out that sometimes only the last session that’s burnt onto a disc would show up. This does not mean that the earlier sessions are lost. You can still access them and extract data by using specialized software like IsoBuster or CD/DVD Inspector
I haven’t tried achieving this on purpose, but I’m sure it can be done (see IsoBuster screenshots)
*www.isobuster.com/en/isobuster/help/TwoDataSessions.png

Modified Disc Image (Hex Edit):
This is a technique I found about at a forum somewhere on the internet and I tried it out.

Things you need:

  • PowerISO or any ISO burning/creating software (IMGBurn might work too)
  • A hex editor capable of handling very large file (I used HxD and Tiny Hexer)
  • WinRAR (optional)




In this example, I’ll show you how to hide files in a CD. The same method applies for hiding stuff in DVDs. First of all, you need to decide on a nice and small dummy file to write to the disc. This file will be visible to anyone who reads the disc. The dummy should be small if you want more room for your hidden (or questionable) content.

Calculate the size of the dummy file in this way:
Questionable Content + Dummy = 700MB (for CDs)
Questionable Content + Dummy = 4.7GB /8GB (for DVDs)

We need to do this to make sure there’s no free space left on the disk so that it looks as if nothing’s burnt to it e.g. If we burn a 40MB dummy and 200MB hidden stuff, then by looking at the disc you can make out whether something fishy is going on. But if it was fully burnt, you probably won’t see the difference (This is only to ward off nosy friends and relatives. A motivated geek will get if your hidden data if he is suspicious)

Ok, now start PowerISO (or any other image creation program) and add the dummy file. Create an ISO image of the disc and then open it in HxD (Tiny Hexer is great but doesn’t handle large files :cry:)

Now move to the end of the image in the hex edit. Click on the right side of the hex dump where you see all the garbage stuff like numbers, symbols and text. The cursor should be at the end of the file. Now create a marker here so you know this is where your hidden cache starts. Create a marker by typing something in here that you can relate to like [START] or {HIDDEN STUFF START}, etc.

Now load the file you want to hide in the hex editor and copy everything from it. Note that you need to copy the ASCII stuff in the right and not the actual HEX data (in layman terms, just copy all the garbage on the right and *not* the numbers and capital letters on the left)

Switch back to the hex dump of the ISO image and paste all the stuff there (append it to the file)

Now you may insert a file termination marker so you know here’s where your file ends. Enter a marker like [END] or {END OF FILE} etc.
You can repeat the above process for any number of files you want to hide, but make sure the size of the image doesn’t exceed the size of the optical media.

Oh, and by the way, you might want to add a filename and filetype marker with the start and end tags too as you probably won’t remember them just by looking at its hex dump ;P

Now that you’ve appended all your dirty stuff to the ISO image, you can go right ahead and burn it. After you’re done, put the disc back into the tray and check it out. Windows will show the space occupied by the dummy file and your hidden stash will not be seen. Even the disc properties will show no free space left on the disc. Cool, eh? :D

How to extract the stuff back you ask?
Just create an image of this disc and throw it into HxD. Look for your markers (search for text-strings)
And extract (copy) everything between the [START] and [END] marker. Create a blank file (in HxD) and paste the copied stuff in there and save it with the correct file extension.
Tada! You’re done! :-D

Happy hiding! :C_lolwink:


Useful Tips:

1. When you’re looking for a dummy file with the right filesize, you might not get one that fits the bill. You can try using Windows search for it or use a much better program like Locate for this purpose. Just do a filesize search.

2. In Tiny Hexer, you can create macros which can probably help in automating the whole process of extraction from the disc image. If anybody succeeds in doing that then please share your creation.

3. Keep in mind that we’re only hiding stuff here, not protecting them so you might want to encrypt your files with WinRAR (I mentioned it in the beginning, didn’t I?) for security purposes but that defeats the whole purpose in the first place, doesn’t it?

4. Another useful tip would be to create a virtual encrypted volume using TrueCrypt and then burn it to the disk. It certainly doesn't hide anything but your data is encrypted and you can mount it right from the disc (I think) and use it just like an ordinary CD or DVD. And what's more? If you are forced by someone to reveal the password to the volume, you can even define a fake password that unlocks a hidden volume containing garbage data inside it so the attacker is thrown off-course :D (Can someone do a nice tutorial on this please?)

5. If all this data hiding has piqued your curiosity, you can learn more about the stuff by reading Computer Forensics For Dummies and CD and DVD Forensics


P.S.: I haven't slept in 24 hours and I'm groggy with exhausted now so I'm not adding any screenshots. I might do that in the near future when I get some time or else you'll have to live with it. If you loved/liked/disliked/hated this tutorial, please tell me what you think by rating it using the poll above. Thanks :)
 

hot zubs

live life king like...
Good work dude, i guess u hav done a lot of research on it...
but still its a big hassle doing all this work...
i need something like - if v put our DVD it should ask d password, if d password is right it should show d data in it, thats it as simple as it sounds...
if someone know about this kind of software plz enlighten me...
 

Zangetsu

I am the master of my Fate.
Gr8 work....I liked the CD-Lock will try it soon...

then second method i knew....but the mutisession hiding happens once in a while not always...:grin:

the 3rd trick is also good but cumbersome....:-D

new ways well appreciated work...
 
OP
The CyberShot

The CyberShot

Broken In
i need something like - if v put our DVD it should ask d password, if d password is right it should show d data in it, thats it as simple as it sounds...
if someone know about this kind of software plz enlighten me...

@hot zubs: CD-Lock is the software you're looking for, but be careful though, the last time I tried it (about a year ago) it seemed to be very buggy. It prevents unauthorized access to the optical media but if you use it, you're not actually hiding anything. Anyone would know that there's *something* you're trying to hide and that could get you trouble too. But if you don't mind people knowing you're hiding something, you could just go ahead and use that. It's the closest you can get to 'Enter password for access' kind of CD/DVD authentication *without* having to worry about worry about dealing with the overhead of decryption and extraction of data. Be warned though that the encryption used by CD-Lock (if there is any) seems pretty fishy to me and your data might not be as secure as you think! A determined adversary *will* crack it! But if you use the Hex Edit method, there's a chance that he *might* not be aware you're hiding something on the disc so you have an advantage. Of course if he's suspicious, he'll find out the hidden cache anyway. In that case you can take the extra step and encrypt your data using WinRAR *before* you add it to the disc image and then burn it but it's not worth it if all you're trying to hide is just porn ;-)

---------- Post added at 03:32 PM ---------- Previous post was at 02:20 PM ----------

@KaranTh85: Yeah, it's a bit cumbersome, but it helps hide your data at least. And I think you can create macros using Tiny Hexer that can probably automate the process. Or maybe use AutoIT?
 
Last edited:

Ramakrishnan

The Researcher
You require two things to burn a DVD or CD with password or digital signature protection. Nero 9 and LG Dvd writer which is securdisc enabled.

See the this screenshot:

*img696.imageshack.us/img696/1895/nero9d.jpg
 

Ramakrishnan

The Researcher
The follwing manufacturers currently provides SecurDisc drives:

Hitachi-LG Data Storage, LG Electronics, Philips & Lite-On Digital Solutions and Lite-On IT Corp. provide SecurDisc capable drives. To find out more, click *www.securdisc.net/ena/what-you-need.html
Back to Top
 
Status
Not open for further replies.
Top Bottom