StegCracker -- Steganography Cracker

In the previous article we learned how we hide some secrets in media files using Steghide. In the way of penetration testing we may encounter with this type of files, in this article we are gonna cover how to recover a unknown stegnographed file. StegCracker is a tool that will help us to do that via bruteforce attack.

We first need to install StegHide in our Kali Linux system. We have a previous article on it click here to read that.
 And then we open the terminal window and type following command :

curl > /usr/local/bin/stegcracker
This command will download the StegCracker from github to our Kali Linux system's /usr/local/bin folder.  The  screenshot is following:

Now we need to give the execution permission to this downloaded file. To do this we use the following command:

chmod +x /usr/local/bin/stegcracker

Now StegCracker is successfully installed in our Kali Linux  system, Now we are gonna crack a steganography brute-force to uncover hidden data inside a file saved in my Desktop.

We can see that we have two files in Desktop. The picture file is the the stegno file we are gonna crack and there is a password list to perform a brute-force attack. We have learned generating custom password list in our Crunch tutorial.

Now we need to reach the directory where we have the stegno file and password list, in our case they are in Desktop so we are gonna use following command:

cd Desktop

Now the final part we are going to crack the password and uncover secret data from the image by using following command:

stegcracker any-name.jpeg wordlist.txt

The screenshot is following:

Using bigger wordlist will increase chance cracking password.

To view what get we use cat command in the new output file:

cat any-name.jpeg.out
The screenshot is following:

Yeh we did this. Comment below Isn't it cool ?

No comments:

Please do not spam here. It is comment box not a spambox. Promotional links are not allowed.

Powered by Blogger.