Steganography
March 30, 2021 Hacking
Table of contents:
General
- File to determine file types
file <filename>
- Check metadata with EXIFtool
exiftool <filename>
- Foremost for data carving
foremost -v <filename>
- Binwalk to search for embedded files and executable code
binwalk <filename> to show hidden filesbinwalk --dd='.*' <filename> to extract all files
Image
- GIMP
- select random parts with the "Fill" option
- Strings search for text in data
strings <filename> | grep -i "flag{"strings -n 10 <filename> words with min lengths of 10
- Use a Hex Editor to look at the file signature
hexedit<filename>
- Stegsolve is a tool to manipulate images
- Steghide extract password protected data from images
steghide --extract -sf <filename>
- Check for corruption in PNG files
pngcheck <filename.png>
- Zsteg finds hidden data in png/bmp
zsteg -a <filename.png>
- Tesseract scans for text in images and saves is as a text file.
- Npiet is a programming language in which programs look like abstract paintings
- GraphicMagick
./magick identify -verbose <filename> checks if image is corrupted./magick mogrify -set comment 'Extra bytes removed' <filename> restore demaged images
- StegoVeritas wide variety of simple and advanced checks
python3 stegoveritas.py <filename>
- Imageerrorlevelanalysis Image Error Level Analyzer
- Magic Eye Solver / Viewer
- FFT Find hidden content using Fast Fourier T
Audio
- Use Sonic Visualizer to look at the Spectogram
- Wavsteg hide and extract data from wav files
python3 WavSteg.py -r -s soundfile -o outputfile
- DTMF Tones
- Deepsound hide data with AES-265
- Ffmpeg checks integrity of audio files
ffmpeg -v info -i <filename> -f null -
Compressed file
- Fcrackzip brute-forces zip passwords
fcrackzip -D -u -p rockyou.txt <filename>
- Zipdetails displays internal zip structure
zipdetails -v <filename>
- Zipinfo shows information about the zip file
- Repair a corrupted Zip with
zip -FF input.zip --out output.zip
Text