Covert Communication using iCyberChef

 CyberChef  (http://icyberchef.com/) is a geek tool that allows you to build various data transformations (recipes).  It comes in handy for decoding malware data, etc.

Well, it can be used to create a covert comms channel.  This one uses simple DES which has an 8-character key.  If you're trying to avoid the Facebook "factcheckers" and nanny assholes, this is probably sufficient, but you can go a lot deeper if you want.

1) Go to iCyberChef and create a recipe that looks something like this.



Here's a URL for your convenience:  http://icyberchef.com/#recipe=DES_Encrypt(%7B'option':'UTF8','string':'BidenSux'%7D,%7B'option':'UTF8','string':'Cheaters'%7D,'CBC','Raw','Hex')Generate_QR_Code('PNG',5,2,'Medium')&input=U28sIEJpZGVuIHN0b2xlIHRoZSBlbGVjdGlvbiBhbmQgdGhleSB3b24ndCBkbyBzaGl0IGFib3V0IGl0Lg

So anything you type into the source data box gets encrypted using the KEY and IV and encoded into the QR code at the bottom, which you can copy-paste into your farcebook page or twitter feed.

I'm absolutely sure their robots decode any and all QR codes posted, as they do with text recognition on any photos posted.. but it won't help because they'll just get a bunch of hex digits.  No text for the human language parser to hit on and flag you.

Is is symetric encryption meaning everyone shares the same keys.  Within your group, define the KEY and IV values (must be 8 chars) and share it out of band (not on FB or Twitter).  



2) When you see a friend has posted a QR code, download that pic.

3) Set up a Cyber Chef page like this to decode it.



Here's a URL for your convenience:  http://icyberchef.com/#recipe=Parse_QR_Code(false)DES_Decrypt(%7B'option':'UTF8','string':'BidenSux'%7D,%7B'option':'UTF8','string':'Cheaters'%7D,'CBC','Hex','Raw')

*POOF* You've create a covert communications channel.  Yea, it won't keep the NSA out but you can play with the various encryption tools and perhaps you can make it more secure if needed.  Remember, the objective here is to share information on a "verbotten" topic without the Social Media Fascists hitting us.



Remember, what happens in Fight Club stays in Fight Club. If people start making plain-text replies to a QR then the system will be able to infer whats inside.


This is really only useful for sharing text-based data. Memes and pictures won't fit.



Comments

Post a Comment

Popular posts from this blog

Executive Order #666

Image
  Executive Order Regarding a Physical COVID-19 Passport on the hand or forehead Dec 11, 2021 • EXecutive Orders Would you be surprised?  Joe Biden, in his infinite wisdom, has given his beloved COVID vaccines the attributes of the "Mark of the Beast."  Lets explore that. What or who is "the Beast?"  Most Christians, and even many non-Christians have heard of the "Anti-Christ".  He is this coming world leader (or is he here already?) who will suddenly rise to power (due to his alliance with Satan) and subdue much of the Earth.  He is said to rule for 7 years (the Tribulation) with the last 3 1/2 years being the most brutal (the Great Tribulation).   "And I stood upon the sand of the sea, and saw a beast rise up out of the sea, having seven heads and ten horns, and upon his horns ten crowns, and upon his heads the name of blasphemy." Rev 13:1 In prophesy "the sea" in this case would represent humanity currently living on Earth at the tim
Read more

Ian Miller Charts (see @ianmSC on Twitter) Archive

Image
"As a dog returns to its vomit, so a fool returns to their folly (or failed public policy)"  Proverbs  Ian Miller puts out a lot of these charts, I thought I would try to organize them for easy access.  These charts prove the adage "When your only tool is a hammer, every problem looks like a nail." He hath a book: on AMAZON Interview about the book HERE    INTERNATIONAL Andorra Australia Austria Belgium Brunei Canada Alberta Ontario Quebec https://pbs.twimg.com/media/FR7qJ_fVkAAgfwd?format=jpg&name=small Czech Republic Chile China (Taiwan's rebellious province) Denmark England France Germany Gibraltar Hong Kong Iceland Israel Italy Japan Netherlands New Zealand Philippines Portugal Singapore South Korea Spain Sweden Switzerland Thailand Taiwan (the real China) Vietnam DOMESTIC USA Washington DC States/Cities Arizona California Marin County LA County San Francisco Connecticut Delaware Florida Hawaii Iowa Maine New Mexico Minnesota M/St Paul New York New Jerse
Read more