HTB-Senselessbehaviour Steg

less than 1 minute read

Hello hackers!

Challenge Name : SenselessBehaviour [Steganography]

image


Given file:

(root💀HTB)--> file meow.wav 
meow.wav: RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz

It is a wave file !, and we can also hide data inside wave file in Steghide since we do not know the password, so using stegseek bruteforce the pass !!

(root💀HTB)--> stegseek meow.wav /usr/share/wordlists/rockyou.txt 
StegSeek 0.6 - https://github.com/RickdeJager/StegSeek

[i] Found passphrase: "skittles"         

[i] Original filename: "youfoundme".
[i] Extracting to "meow.wav.out".
                                                                                                       
(root💀HTB)--> file meow.wav.out 
meow.wav.out: ASCII text
                  

meow.wav.out - From base64, I just decoded it

image

- Decode it from hex and redirect it into a new file

(root💀HTB)--> xxd -r -p frombase > fromhex                                                      

(root💀HTB)--> file fromhex 
fromhex: PNG image data, 702 x 395, 8-bit/color RGBA, non-interlaced

image

1.stegsolve time

2.braile decode

3.wrap the flag!

image

https://www.dcode.fr/braille-alphabet

https://imgur.com/cLNc1C8.png

Flag :
HTB{blindasabat}

Thanks You !