Hydan steganographically conceals a message into an application. It exploits redundancy in the i386 instruction set by defining sets of functionally equivalent instructions. It then encodes information in machine code by using the appropriate instructions from each set. Features: - Application filesize remains unchanged - Message is blowfish encrypted with a user-supplied passphrase before being embedded - Encoding rate: 1/110 Primary uses for Hydan: - Covert Communication: embedding data into binaries creates a covert channel that can be used to exchange secret messages. - Signing: a program's cryptographic signature can be embedded into itself. The recipient of the binary can then verify that it has not been tampered with (virus or trojan), and is really from who it claims to be from. This check can be built into the OS for user transparency. - Watermarking: a watermark can be embedded to uniquely identify binaries for copyright purposes, or as part of a DRM scheme. Note: this usage is not recommended as Hydan implements fragile watermarks.
Binary packages can be installed with the high-level tool pkgin (which can be installed with pkg_add) or pkg_add(1) (installed by default). The NetBSD packages collection is also designed to permit easy installation from source.
The pkg_admin audit command locates any installed package which has been mentioned in security advisories as having vulnerabilities.
Please note the vulnerabilities database might not be fully accurate, and not every bug is exploitable with every configuration.
Problem reports, updates or suggestions for this package should be reported with send-pr.