[CTF GEMA] Hide
CTF GEMA Groupe 2025
Niveau de Difficulté : Easy
Catégorie du Challenge : Stegano
Description :
Quelque chose ici...
Steps to Solve
L'analyse du code qr ne donne rien, nous allons donc utiliser steghide :
┌──(kali㉿kali)-[~/…/Stegano/Easy/hide/Production]
└─$ steghide extract -sf Stego2.jpg
Enter passphrase:Ensuite, vous avez besoin d'un mot de passe.
On peut le bruteforce facilement avec la rockyou, vous obtiendrez le mot de passe secret.
Solve Code:
import subprocess
def brute_force_steghide(image_file, wordlist):
with open(wordlist, "r", encoding="latin-1") as f:
for password in f:
password = password.strip()
try:
# Attempt to extract data with the current password
result = subprocess.run(
["steghide", "extract", "-sf", image_file, "-p", password, "-xf", "output.txt"],
capture_output=True,
text=True
)
# Check if the password is correct
if "wrote extracted data" in result.stdout:
print(f"Password found: {password}")
return password
except Exception as e:
print(f"Error: {e}")
print("Password not found.")
return None
# Replace 'image.jpg' and 'rockyou.txt' with your actual image file and wordlist
image_file = ""
wordlist = ""
brute_force_steghide(image_file, wordlist)FLAG :
FLAG{stego_is_so_easy!!!}