TryHackMe Walk-through on CC: Steganography
Hello guys,back again with another walk-through.Let us first define what a steganograpy is, steganography(Stego) is the art of concealing something inside something else, example, a message inside a jpg file, or a binary inside a PNG and many more.
CC:Steganography challenge is a crash course on the topic of steganography in tryhackme and you can access it here, this challenge is rated as easy,it is a beginner challenge,am only going to take you through the last part of the challenge(Final Exam) where we are supposed to start enumerating the machine to find open ports and the services running on those ports.
Let us jump right in,first and as usual we start by running nmap to check on open ports and services running on those ports,nmap -sC -sV <ip> ,to learn more on nmap just run nmap -h, after running nmap i found that there is only one port open,that is port 80,with an Apache web server running as shown below:
Using any browser of your choice type in the target ip address,we get a website running with a title Test1 as shown below:
This challenge requires you to find the key so that you are allowed to move to the next challenge,we are told there are three keys you are supposed to find,so let us get started,this is the most interesting part,so first,checking on the source codes we find nothing important,but again we have an image,so copy the link location of the image and download the image to your machine, running file <image_file> command we realize that there is a passphrase attached to the file:
Using that passphrase we run steghide to extract hidden files in the image using the following command: steghide extract -sf <image file> -p <passphrase> and luckily,we have extracted a file called a.txt,and opening the file,boom!,we have our first key,
Now we can submit the key and move to the next challenge which looks like this:
The second challenge has an an audio file,checking on the source code,we got nothing,so let us download this file to our machine,the only way we can now check whether there is a file hidden here is by using Sonic Visualiser, there might be other tools out there but this is our best shot for now,so start your sonic-visualiser and on the menu,click on file to open the audio file we just downloaded,and then go to the layer part and add spectrogram,your final file should look like this:
Zooming in the image we find a link embedded in,so lets visit the link and check what is there,we find an image,so let’s go ahead and download the image file to our machine for further analysis:
By running file command on the image file,we see that it is a PNG file,so we use zsteg tool to find any hidden file or message inside the file using the following command, zsteg <file> and boom! we found ourselves the second key,
Submit the key and move on to the next challenge,two down,one to go:
The last challenge looks like this:
We are given an image to scan the qr code,so let us utilize google for that challenge, i used this link click-here to help me with that task,but after several tries scanning the image using different online tools,i still got an error as shown below:
But then i remembered there was as tool called stegoveritas. It supports just about every image file, and is able to extract all types of data from it. It has other features as well such as color correcting images. Am concerned with the last part about colors,so i run stegoveritas using the following command stegoveritas <image_file> and it produces other images with different colors.Now i tried scanning all the images one by one until i was lucky enough and got an image that was successfully scanned,and so i got my last key,submit it and you are good to go.
And we are done,congrats if you have come this far.
And thanks guys for taking your time going through this,i hope it was an informative learning,don’t forget continuous practice makes you perfect,leave a comment below in case i left something out or if you want me to add something to the next walk-through. Thank you so much, Happy Learning.
