Steganography 1

Check out our free course!

Steganography, or stego, challenges are among the most hated of all CTF challenges because they really are only limited in difficulty by how much of a pain in the ass the people who wrote the challenge are. No matter the challenge, if you've come across a picture that doesn't have anything useful in it or in the metadata and have spent far too long trying to figure out what it means, it is worthwhile to throw it into a few stego solvers you will download below. If it works, curse the person who made the challenge and continue working. If it doesn't work, you've exhausted one avenue and it's time to keep looking for something else.

Read this: https://ctf101.org/forensics/what-is-stegonagraphy/

Luckily, there are a few "standard" problems and tools that make solving those problems easier.

Complete this writeup and submit a screenshot of the answer: https://github.com/krx/CTF-Writeups/blob/master/CSAW%2016%20Quals/for250%20-%20Watchword/jk_actual_writeup.md

I recommend you use this link to download Stegsolve https://github.com/eugenekolo/sec-tools/tree/master/stego/stegsolve/stegsolve.

I recommend you use this link to download Steghide https://github.com/eugenekolo/sec-tools/tree/master/stego/stegsolve/stegsolve. Steghide is the defacto tool for password protected stego challenges, but don't forget to try steghide with no password.

With these two tools you should be able to solve 90% of all stego problems. Even if these don't work, they can still identify weirdness and you can investigate further.

Visit the course page!

Hoppers Roppers 2020            Date: 2020-06-10 23:03:16

results matching ""

    No results matching ""