[Hacking walkthrough] THM: Easy Steganography

[Hacking walkthrough] THM: Easy Steganography

Greeting! Welcome to another THM challenge write up Today, we are going to finish off the easy steganography challenge. This room is created by me but the challenge was ported from challenge land. I hope you enjoy the write-up.

Steganography 1

Download the image and start our very first stego task.

This image has an empty alt attribute; its file name is image1.jpeg

Like I said before, this challenge is a little bit unique. In order to complete this task, we need to do a reverse image search using TinEye.

This image has an empty alt attribute; its file name is plenty.png

Look like we have plenty of similar image on the internet. Simply download an image and we are going to compare the original with the image with stego text.

This image has an empty alt attribute; its file name is diff.png

Are you able to distinguish the difference?

Answer: St3g4n0

Steganography 2

Download the image and you get a similar image as stego 1.

This image has an empty alt attribute; its file name is image2.jpeg
This image has an empty alt attribute; its file name is bin.png

Well, we have an image file within an image file. To extract all the contents within the file, I’m going to use binwalk with the following command.

$ binwalk --dd='.*' image2.jpeg
This image has an empty alt attribute; its file name is hidden.png

A hidden message inside the image. The flag is the message.

Answer: algorithm

Steganography 3

You get a similar picture.

This image has an empty alt attribute; its file name is image3.jpeg

This one easy, use strings command and finish off the challenge.

This image has an empty alt attribute; its file name is strings.png

Answer: Math

Steganography 4

I guess I don’t need to say anything about this.

This image has an empty alt attribute; its file name is image4.jpeg

Similar to task 2 but a little bit advance. Extract all the files and read the XML using strings command. You will eventually locate the following flag.Image

This image has an empty alt attribute; its file name is 4.png

Answer: TryHardered

Conclusion

That’s all for the quick and simple steganography challenge. Hope you like it. Until next time.

Share the knowledge

Leave a Reply