Category: Steganography
Difficulty: Easy
Note: Unfortunately, Steganography (Stego) challenges have been removed from HackTheBox.
Summary #
We are provided with an image named forest.jpg and tasked with uncovering hidden information within it. Using steganography techniques and tools, we successfully extract a hidden file containing a message. Decoding the message reveals a flag.
Steps to Solve #
1. Initial Inspection #
- We start by analyzing the image using
binwalkto check for embedded files or data.
$ binwalk forest.jpg
DECIMAL HEXADECIMAL DESCRIPTION
--------------------------------------------------------------------------------
0 0x0 JPEG image data, JFIF standard 1.01
- Then use
stringscommand withawkto filter for lines longer than 10 characters.
$ strings forest.jpg | awk 'length($0) > 10'
%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz
&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz
e5/.U).mRMh
hd\.WyRPt9#
U_4S?#~.kpx
Wg^Erc(J9d(
ZZ<30I"XB2VR
(YLS,Bb\)TG
nmc?<W"[9LR
#u+N*IJ-J-_g
[GXuy|AkjV(DZ
@mNhYR[=#JX
6'p}_Wwy\/b
GBw{~59.q_)
7+0r}3^-]5~W"KT
%UQ*Pm9)E%9
VMFts b*=9m
\!,-<>i?g?z*m{
Fv}3]v?2Eqj%12
w}:jpb! a#VW
7nozQ}T[W_-
<Fg`CGs$I:H
VEl.X.r1_!R
V^$]:7v0\C,
I.:G$rm1H~W
8U)(Oe(8^5.
yZ9Vc</2t+/k
[ EBQsJRM/=S]
]Giky#G$Vop
;u^ds>g},sGK
3X{(s=#]'*S_
!-q,!KnH`RI^
lK[b6&N #=k
{d^DXne\G#m
9;J-smu$q,3
mm<3e#[\j96
No significant results are found.
2. Exploring with Stegsolve #
- We use Stegsolve to analyze the image across various bit planes and color maps.
- Under “Red plane 0” view, we find the following string
IsJuS1Af0r3sTbR0.
3. Extracting Data with Steghide #
- Using the discovered string as a password, we attempt to extract hidden data from the image with steghide.
$ steghide extract -sf forest.jpg -p IsJuS1Af0r3sTbR0
wrote extracted data to "nothinghere.txt".
$ cat nothinghere.txt
Gur sberfg vf n pbzcyrk rpbflfgrz pbafvfgvat znvayl bs gerrf gung ohssre gur
rnegu naq fhccbeg n zlevnq bs yvsr sbezf. Gur gerrf uryc perngr n fcrpvny
raivebazrag jubs gur raivebazrag. Gurl pyrna gur nve, pbby vg ba ubg qnlf,
pbafreir urng ng avtug, naq npg nf rkpryyrag fbhaq nofbeoref. UGO{NzNm1aTfXvyYmMOe0}
4. Decoding the Extracted Text #
- The extracted text appears to be encoded with ROT13.
- Decoding it via CyberChef reveals the flag:
The forest is a complex ecosystem consisting mainly of trees that buffer the
earth and support a myriad of life forms. The trees help create a special
environment whof the environment. They clean the air, cool it on hot days,
conserve heat at night, and act as excellent sound absorbers. HTB{AmAz1nGsKilLzZBr0}