I've found hidden data in one of the Podesta email images, but I dont know the password! HELP!!! [Steganography] (pizzagate)

submitted ago by TheUltimateDebate

I was using a Steganography detection software and it flagged the following image as using a steganography method called "jphide": http://i.imgur.com/a3pUmpH.jpg

Now, the thing is that when I try to use Jphide to uncover the data it asks for a password, and the only thing I had to try with was the filename, but because I originally found the image from THIS site http://hollaforums.com/thread/8067477/politics/open-directory-found-from-the-podesta-emails-large.html and on the site the image was called "1477744604436.jpg" (which does not seem to be the original name from the Podesta emails because when I searched for that filename it didn't come up with any results). I therefore need YOUR help in finding the Podesta e-mail from where this photo was taken from, so that we can see if there are any suggestions of a password that we can use to crack the image file. Most probably the password will be the name of the original file, so if ya'll PLEASE can help me locate this photo from the Podesta e-mails we might have a chance to uncover what's hidden in this file!!

For anyone who's interested, this is how it looked when I scanned the photos. You will see that the photo in question is flagged as being encrypted with "jphide" steganography method: http://i.imgur.com/VtlG3My.jpg

God Bless!

You are viewing a single comment's thread.

view the rest of the comments →

NoRagrets ago

In the thread on 4chan, "SwissGuy" appears to have used an app available at http://hanynet.com/isteg/
This is software for a Mac which I do not have access to.

Using OpenStego I tried to decrypt the image in OPs post (downloaded from wikileaks, not imgur).
Following instructions from Swiss Guy, I tried 3 possible strings as the password, none worked.
e63csp284426lfb
g68mr68626420yke.23.1417453546899
g68mr68626420yke.23.1417453546962

So then I tried reproducing Swiss Guys experiment.
Tried decrypting pizza.jpg (downloaded from https://wikileaks.org/podesta-emails/emailid/10037)) with OpenStego using password q11mr1694671qaj.9.1249698062233
Did not work.

Edit: Formatting

Edit2: Retried all the above tests using alternative Stegonography software as OP mentioned jphide.
Tests still fail using JPHS for Windows

Edit3: It's important to note that when OP uploaded the file to Imgur, he may have fucked with the encryption, so it's necessary to download the original from Wikileaks; 

PS C:\Users\[REDACTED]\Downloads> (Get-FileHash .\a3pUmpH.jpg -Algorithm MD5).Hash
367F795D2554BE4CEDFD51D89E6A4A87
PS C:\Users\[REDACTED]\Downloads> (Get-FileHash .\IMG_20141128_223509_244.jpg -Algorithm MD5).Hash
E401E278D4464A4314327D5AA9259E9D

Investigate1999 ago

Everybody, please suggest strings that this guy can use. I thought that I saw some gibberish strings floating around in our discussions.

BarryOSeven ago

WikiLeaks is compromised, mails had been tampered with.

We need the image from a first hour backupper.

DriftingDevoid ago

I would be interested in this link too

edit: or do some checksum comparison with the one I've just downloaded

Atarian ago

I'm interested in why you think that?

(I haven't been on this sub in a while)

BarryOSeven ago

The mere fact that Assange is acting suspicious. He still gave no proof of live, no real proof. Just two interviews in which at least one has been CGI for sure.

He could just wave outside the window.

So until he shows real proof of life I assume WikiLeaks compromised and advise everybody to do so.

ich1baN ago

Assange isn't dead. There's no way this interview with Sean Hannity is with a double... Sean is literally sitting 2 feet from Julian. This isn't CGIed... the only way possible is if Sean is in on it and he has been on Julian's side this whole time... actually the only journalist that has given him airtime even well before he was this highly controversial:

https://www.youtube.com/watch?v=fYZ-aYwm5Fo

oldman123 ago

send link to archive and ill compare markers

BarryOSeven ago

https://wikileaks.org/podesta-emails/emailid/35941

Could you try to find if the image hash in this email is the same as the one from the backup?

oldman123 ago

easily, but where is the backup?

BarryOSeven ago

Oh I misunderstood, i thought you had a backup.

Maybe it's a good idea to try to find someone with a backup (must be here somewhere) and compare all current wikileaks mails with the backup.

It could prove wikileaks has been compromised and it could show us which images had steganography

oldman123 ago

I know which images have steg lol

BarryOSeven ago

for sure?

Could you please supply us with a list with all images which had stegano?

If we could wordlist this using multiple steganotools chances are high imho it will return something.

I don't think the Pedo-sta bro's are entering a 64char passphrase everytime they receive an image.

Actually, there has to be a mark they use for the other pedo's to show them there is stegano in the image. Like using cards in images. Or double dots on line endings something like that.

If they had to pull every image through their stegano decrypter using a long passphrase it would be hell for them, there has to be something to let eachother know there is stegano.

Investigate1999 ago

Is it possible that there is a water mark that is barely visible? I used GIMP to see if there might be something, but I'm concerned that I might not be using it properly. I tried to use something like a historigram or whatever.

BarryOSeven ago

It won't work that way. There are mutliple methods to add stegano in which some of the methods allows the user to spot there is stegano in it (LSB, change pixel values slightly)

But sometimes they hide it in other places of the file, png layers or something else.

I do recall an image of some Arabian article sent to Hillary Clinton, somebody spotted there was hidden data in it. It looked like some sort of optical illusion.

I think that one was important. Who knows what the optical illusion does to somebody's mind. Could be some sort of emotion tampering basilisk or something.

Investigate1999 ago

I used a hexeditor to look at the beginning of an Arctic [or Antarctic?] image and the end of it, and found nothing.

By the way, thanks for your explanation.

BarryOSeven ago

Yup, that could be a way to find one method. But if they are using Least Significant Byte stego they are altering the least significant bytes to have values which can decrypt it. It would change the image slightly but not really noticable without seeing the original.

Personally I think there is stegano in images, but I think it will be hard to decompress them because I think the criminals forked an existing tool and modified it slightly to use for their personal nasty stuff.

If I were pedosta I would do that.

Investigate1999 ago

I totally agree with you in general. I'm just not skilled enough to form an informed opinion.

Maybe we need a specific forum for us to discuss only images and the hidden data.

oldman123 ago

The program he used was a full copy of hiderman and then he even had them encrypted in a way that when you look at it through hiderman it'll say nothing is there. It's there. The jphide shit is wrong. Hiderman and force decryption.

IDeliverPizza ago

i tried open stego but it only works with .png images

oldman123 ago

use hiderman

NoRagrets ago

Change the file type using the drop down.

IDeliverPizza ago

only file type listed is .png

IDeliverPizza ago

nvmnd GOT IT THANKS

webofslime ago

Thanks for taking the time.

IDeliverPizza ago

Yo the password is P@ssw0rd?

earthbalance1 ago

I was going to suggest the obvious if no one else did :).