In the context of CTFs steganography usually involves finding the hints or flags that have been hidden with steganography. Most commonly a media file or a image file will be given as a task with no further instructions, and the participants have to be able to uncover the hidden message that has been encoded in the media.
Download this example.jpg file which contains some hidden information.
If you save it to your machine and open it up with an image viewer(e.g. nomacs for linux), you should be presented with a simple jpg image.
Suggested Read: The 12 Best, Must-Have Tools For Steganography
Now let’s extract the hidden data inside from this image with the example of dd command which is very versatile in nature. We know where the location of the zip file is, but dd only takes decimal values, so we convert the hexadecimal location 0x01e17ad from hex to decimal to get 1972141.
Command: dd if=example.jpg bs=1 skip=1972141 of=foo.zip
This takes in the image example.jpg, the ‘in file’ if, reads one block at a time, ‘block size’ bs, skips to block 1972141, skip, and writes it to the ‘out file’ zip we call foo.zip. When this completes you should have a zip file you can easily unzip to access the text file inside.
Here we’ve listed out the best steganography tools which you can easily use while solving up CTF challenges.
|1||Convert||Convert images b/w formats and apply filters|
|2||Exif||Shows EXIF information in JPEG files|
|3||Exiftool||Read and write meta information in files|
|4||Exiv2||Image metadata manipulation tool|
|5||ImageMagick||Tool for manipulating images|
|6||Outguess||Universal steganographic tool|
|7||Pngtools||For various analysis related to PNGs|
|8||SmartDeblur||Used to deblur and fix defocused images|
|9||Steganabara||Tool for stegano analysis written in Java|
|10||Stegbreak||Launches brute-force dictionary attacks on JPG image|
|11||StegCracker||Steganography brute-force utility to uncover hidden data inside files|
|12||Stegextract||Detect hidden files and text in images|
|13||Steghide||Hide data in various kind of images|
|14||Stegsolve||Apply various steganography techniques to images|
|16||LSB-Steganography||Python program to steganography files into images using the Least Significant Bit.|
|17||StegSpy||Checks classical steganographical schemes|
|18||StegSnow||A program for concealing messages in text files by appending tabs and spaces on the end of lines|
|19||Binwalk||Firmware Analysis Tool|
|21||StegDetect||Performs statistical tests to find if a stego tool was used (jsteg, outguess, jphide, …).|
|22||StegoVeritas||Yet another Stego Tool|