Steganography#
file#
because of course..
strings#
strings -n 6 file # Extract the strings with min length of 6
strings -n 6 file | head -n 20 # Extract first 20 strings with min length of 6
strings -n 6 file | tail -n 20 # Extract last 20 strings with min length of 6
strings -e s -n 6 file # Extract 7bit strings
strings -e S -n 6 file # Extract 8bit strings
strings -e l -n 6 file # Extract 16bit strings (little-endian)
strings -e b -n 6 file # Extract 16bit strings (big-endian)
strings -e L -n 6 file # Extract 32bit strings (little-endian)
strings -e B -n 6 file # Extract 32bit strings (big-endian)
cmp#
# compare data at the byte level
cmp -v -b image1.jpg image2.jpg
exiftool#
exiftool -icc_Profile:all BU6iBcw.jpg # icc - international color consortium related fields only
exiftool BU6iBcw.jpg # all the fields
exiftool BU6iBcw.jpg # all the fields
exiftool -GreenTRC BU6iBcw.jpg -b|xxd # get the bytes for a specifi field
foremost#
foremost -i Queen.png
foremost Queen.png
binwalk#
binwalk Queen.png
binwalk -D=".*" Queen.png
binwalk -e Queen.png
stegsolve#
https://github.com/zardus/ctf-tools/blob/master/stegsolve/install
java -jar -Xmx4g stegsolve.jar
(that's that tool that lets you quickly skim through the image layers and work on stereograms and all)
stegosuite#
will let you embed or extract data in image
steghide#
steghide info Queen.png
steghide embed -ef 'secret.txt' -cf 'fatbird.jpg'
steghide extract -sf 'fatbird.jpg' -xf secrets.txt
stegcracker#
bruteforce steghidden images (use stegseek instead)
stegseek#
replaces stegcracker apparently and it also a tool to bruteforce steghidden images
Stegseek can also be used to detect and extract any unencrypted (meta) data from a steghide image
stegseek --seed slav.jpg
stegseek --crack slav.jpg /usr/share/wordlists/rockyou.txt
zteg#
https://github.com/zed-0xff/zsteg
detect stegano-hidden data in PNG & BMP
auto-runs a bunch of methods to extract things into a result folder
zsteg Queen.png > zsteg
stegoveritas#
works like zsteg in the sense that it does try a buch of methods automatically
not specific to PNG though
convert (imagemagick)#
convert blue_0.png -channel RGB -negate i_blue_0.png
convert i_blue_0.png -transparent white blue_0.png
convert half.png -threshold 90 90.png
pngcheck#
pngcheck -v Queen.png
stegano#
apparently a python lib for stego
I didn't really explore yet
pip install stegano
fft stegpic#
git clone https://github.com/0xcomposure/FFTStegPic.git
stegpy#
Embed data in an image using the LSB method (Least Significant Bit)
stegpy "done with stegpy" slav.jpg
stegpy _slav.png
pcrt#
cyberchef (web)#
asciitohex (web)#
stegonline (web)#
documentations#
https://www.yeahhub.com/top-steganography-tools-ctf-challenges/
https://book.hacktricks.xyz/stego/stego-tricks
https://github.com/DominicBreuker/stego-toolkit