Covert Communication using iCyberChef

 CyberChef  (http://icyberchef.com/) is a geek tool that allows you to build various data transformations (recipes).  It comes in handy for decoding malware data, etc.

Well, it can be used to create a covert comms channel.  This one uses simple DES which has an 8-character key.  If you're trying to avoid the Facebook "factcheckers" and nanny assholes, this is probably sufficient, but you can go a lot deeper if you want.

1) Go to iCyberChef and create a recipe that looks something like this.



Here's a URL for your convenience:  http://icyberchef.com/#recipe=DES_Encrypt(%7B'option':'UTF8','string':'BidenSux'%7D,%7B'option':'UTF8','string':'Cheaters'%7D,'CBC','Raw','Hex')Generate_QR_Code('PNG',5,2,'Medium')&input=U28sIEJpZGVuIHN0b2xlIHRoZSBlbGVjdGlvbiBhbmQgdGhleSB3b24ndCBkbyBzaGl0IGFib3V0IGl0Lg

So anything you type into the source data box gets encrypted using the KEY and IV and encoded into the QR code at the bottom, which you can copy-paste into your farcebook page or twitter feed.

I'm absolutely sure their robots decode any and all QR codes posted, as they do with text recognition on any photos posted.. but it won't help because they'll just get a bunch of hex digits.  No text for the human language parser to hit on and flag you.

Is is symetric encryption meaning everyone shares the same keys.  Within your group, define the KEY and IV values (must be 8 chars) and share it out of band (not on FB or Twitter).  



2) When you see a friend has posted a QR code, download that pic.

3) Set up a Cyber Chef page like this to decode it.



Here's a URL for your convenience:  http://icyberchef.com/#recipe=Parse_QR_Code(false)DES_Decrypt(%7B'option':'UTF8','string':'BidenSux'%7D,%7B'option':'UTF8','string':'Cheaters'%7D,'CBC','Hex','Raw')

*POOF* You've create a covert communications channel.  Yea, it won't keep the NSA out but you can play with the various encryption tools and perhaps you can make it more secure if needed.  Remember, the objective here is to share information on a "verbotten" topic without the Social Media Fascists hitting us.



Remember, what happens in Fight Club stays in Fight Club. If people start making plain-text replies to a QR then the system will be able to infer whats inside.


This is really only useful for sharing text-based data. Memes and pictures won't fit.



Comments

Popular posts from this blog