Ctrlk

Images Exif Steg

Links

Easy

LookAround - Dont forget the Easy stuff!!
strings -n 8 secret.png

imagemagick

sudo apt install imagemagick
sudo apt install graphicsmagick-imagemagick-compat
identify -verbose allyourbase.jpg | grep "exif"

stegextract

sudo curl https://raw.githubusercontent.com/evyatarmeged/stegextract/master/stegextract > /usr/local/bin/stegextract
sudo chmod +x /usr/local/bin/stegextract
stegextract allyourbase.gif --outfile allyourbase
unzip allyourbase

binwalk

search image for embedded files and exe code
You might find ssh keys :)
Find an .elf file .. make sure you chmod +x .. execute it to test!

PreviousHydra Brutes NextMalware Analysis

Last updated 2 years ago

Was this helpful?

> binwalk nineveh.png        ..find
> binwalk -Me nineveh.png    ..extract
> binwalk -e allyourbase.gif 

-M: Recursively scan extracted files.
-e: Automatically extract known file types.

Found!!
> ls _nineveh.png.extracted/secret/