Skip to content

Latest commit

 

History

History
42 lines (36 loc) · 2.67 KB

README.md

File metadata and controls

42 lines (36 loc) · 2.67 KB

easy_stegoCTF

USAGE

python easy_stegoCTF.py -f <inputfile> -o <outputdirectory> [-s <String_to_search> [-g/--stego] [-m/--metadata] [-b/--binwalk] [-l/--lsb] [-t/--strings] [-x/--hexdump] [-e/--entropy] [-n/--noprint] [-r/--min-len <min_len_of_strings>]]

Extract all but hexdump and only a few strings: python easy_stegoCTF.py -f <inputfile> -o <outputdirectory> Extract stego info: python easy_stegoCTF.py -f <inputfile> -o <outputdirectory> --stego Extract hexdump and and strings (min length 5): python easy_stegoCTF.py -f <inputfile> -o <outputdirectory> --strings --min-len 5 --hexdump

INSTALL

There isn't yet any installation script.

You have to install the tools that are used and you dont already have, in order to do it I recommend you to use the installation scripts that you can find: https://github.com/DominicBreuker/stego-toolkit

GENERAL FEATURES

  • Automatically detects hidden files inside a file using "Binwalk".
  • Automatically detects metadata.
  • Automatically extracts strings.
  • Automatically checks the file using "File".
  • Automatically extracts information of the file using "Identify".
  • Automatically extracts hidden files using "Foremost".
  • Automatically shows the entropy of the file using "Ent".
  • Automatically shows an hexdump.

STEGO IN IMAGES

  • Automatically check if the is information hidden in jpg by several algorithms using "StegDetect" (Algorithms: JSteg, Outguess, JPHide, Invisible Secrets, F5, Sophisticated F5, Append at the end)
  • Automatically check if is a real PNG file using "PNGCheck"
  • Automatically extract hidden information of a PNG using "ZSteg"
  • Automatically tries to extract information using "StegHide" without password
  • Automatically runs "StegoVeritas" with parameters: -imageTransform -colorMap -trailing, in order to stract possible hidden information.
  • Automatically tries to extract information using "JSteg" without password
  • Automatically tries to extract information using "Outguess" without password
  • Automatically tries to extract information using "Outguess-0.13" without password
  • Automatically tries to extract information using "OpenStego" without password
  • Automatically tries to extract information using "LSBSteg" without password
  • Automatically tries to extract information using "SteganoTool"
  • Automatically tries to bruteforce "StegHide" using the 500 most common passwords
  • Automatically tries to bruteforce "Outguess" using the 500 most common passwords
  • Automatically tries to bruteforce "Outguess-0.13" using the 500 most common passwords
  • Automatically extracts strings and create new images using the LSB.