Steganography

Find data hidden inside picture files.

Use StegHide to extract:

root@kali:~/thm/lianyu# steghide extract -sf aa.jpg
Enter passphrase:
steghide: could not extract any data with that passphrase!

If password proteted use StegCracker to try and brute force:

root@kali:~/thm/lianyu# pip3 install stegcracker
Collecting stegcracker
  Downloading stegcracker-2.0.8-py3-none-any.whl (9.5 kB)
Installing collected packages: stegcracker
Successfully installed stegcracker-2.0.8

root@kali:~/thm/lianyu# stegcracker aa.jpg
StegCracker 2.0.8 - (https://github.com/Paradoxis/StegCracker)
Copyright (c) 2020 - Luke Paris (Paradoxis)
Counting lines in wordlist..
Attacking file 'aa.jpg' with wordlist '/usr/share/wordlists/rockyou.txt'..
Successfully cracked file with password: <<hidden>>
Tried 4 passwords
Your file has been written to: aa.jpg.out

Can also use binwalk to extract hidden content in png:

binwalk -e nineveh.png

PreviousPort Enumeration NextCracking Hashes

Last updated 2 years ago