Ok so basically I'm on Parrot Linux and have an image has a hidden steganographic inside.
I know I need to decode it with Steghide in the Parrot Terminal.
I also know that I will find out what the hidden steganographic data (that with be extracted to a .txt file) with the command:
"steghide extract -sf IMAGE.jpg -p PASSPHRASE".
The question is, using a command that steghide provides... how would I get the PASSPHRASE to find the hidden message within the image jpg?
Oh also, I know the seed is "Found (possible) seed: "b40d0b29" - now I am not sure what that means and if that can assist me in anyway, but I thought I'd drop that here just in case.
48 Replies
Does Parrot have StegCracker on it? I'd tab into my VM but I'm in my work environment. You might be able to use that seed
There's also Stegseek that can essentially brute force it
GitHub
Releases · RickdeJager/stegseek
:zap: Worlds fastest steghide cracker, chewing through millions of passwords per second :zap: - RickdeJager/stegseek
I have stegseek installed, I just tried rockyou.txt on it (didn't work)
I have steghide and stegeek installed, not stegcracker tho
Did you try the seed flag in stegseek to see if it can detect whether or not it's encrypted and if so, which algorithm?
Indeed I did
Wait sorry wrong screenshot
Bottom bit, the top was when I accidently messed up the file some how
It's rijndeal-128
What happens if you run strings on it?
Not sure how would I do that?
strings <file name>lots and lots of letters and sybols
So, strings shows... well, strings in a binary. You can use it in reverse engineering a binary like some malware to get an idea of what it's doing
Can you send me the output? I'll bet the password is in there
Hmmm you could try
CDEFGHIJSTUVWXYZcdefghijstuvwxyz but I don't see anything that sticks out as the password. I've gotten one before where it was a word that you could pick out and it was the pass
Lemme do some digging