# Images Exif Steg

## Links

* <https://gchq.github.io/CyberChef/>
* <https://medium.com/@FourOctets/ctf-tidbits-part-1-steganography-ea76cc526b40>

## Easy

* [LookAround](https://pentest.mxhx.org/06-linux-privesc/04-look-around) - Dont forget the Easy stuff!!
* strings -n 8 secret.png

## imagemagick

```
sudo apt install imagemagick
sudo apt install graphicsmagick-imagemagick-compat
identify -verbose allyourbase.jpg | grep "exif"
```

## stegextract

```
sudo curl https://raw.githubusercontent.com/evyatarmeged/stegextract/master/stegextract > /usr/local/bin/stegextract
sudo chmod +x /usr/local/bin/stegextract
stegextract allyourbase.gif --outfile allyourbase
unzip allyourbase
```

## binwalk

* search image for embedded files and exe code
* You might find [ssh ](https://pentest.mxhx.org/03-getting-in/03-ssh-tips)keys :)
* Find an .elf file .. make sure you chmod +x .. execute it to test!

```
> binwalk nineveh.png        ..find
> binwalk -Me nineveh.png    ..extract
> binwalk -e allyourbase.gif 

-M: Recursively scan extracted files.
-e: Automatically extract known file types.

Found!!
> ls _nineveh.png.extracted/secret/
```