In the previous article we learned how we hide some secrets in media files using Steghide. In the way of penetration testing we may encounter with this type of files, in this article we are gonna cover how to recover a unknown stegnographed file. StegCracker is a tool that will help us to do that via bruteforce attack.
We first need to install StegHide in our Kali Linux system. We have a previous article on it click here to read that.
We first need to install StegHide in our Kali Linux system. We have a previous article on it click here to read that.
And then we open the terminal window and type following command :
This command will download the StegCracker on our Kali Linux system. The screenshot is following:
Now StegCracker is successfully installed in our Kali Linux system, Now we are gonna crack a steganography brute-force to uncover hidden data inside a file saved in my Desktop.
We can see that we have two files in Desktop. The picture file is the the stegno file we are gonna crack and there is a password list to perform a brute-force attack. We have learned generating custom password list in our Crunch tutorial.
Now we need to reach the directory where we have the stegno file and password list, in our case they are in Desktop so we are gonna use following command:
Now the final part we are going to crack the password and uncover secret data from the image by using following command:
The screenshot is following:
Using bigger wordlist will increase chance cracking password.
To view what get we use cat command in the new output file:
The screenshot is following:
Yes, we did this.
We can see that we have two files in Desktop. The picture file is the the stegno file we are gonna crack and there is a password list to perform a brute-force attack. We have learned generating custom password list in our Crunch tutorial.
Now we need to reach the directory where we have the stegno file and password list, in our case they are in Desktop so we are gonna use following command:
Now the final part we are going to crack the password and uncover secret data from the image by using following command:
The screenshot is following:
Using bigger wordlist will increase chance cracking password.
To view what get we use cat command in the new output file:
The screenshot is following:
Yes, we did this.
Liked this article then please subscribe us to get e-mail notification on our latest articles. We are also available on Twitter and GitHub join us there and be the part of our family.
For anything problem please comment down below we always reply.