HTB-Senselessbehaviour Steg

less than 1 minute read

Hello hackers!

Challenge Name : SenselessBehaviour [Steganography]


Given file:

(root💀HTB)--> file meow.wav 
meow.wav: RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, stereo 44100 Hz

It is a wave file !, and we can also hide data inside wave file in Steghide since we do not know the password, so using stegseek bruteforce the pass !!

(root💀HTB)--> stegseek meow.wav /usr/share/wordlists/rockyou.txt 
StegSeek 0.6 -

[i] Found passphrase: "skittles"         

[i] Original filename: "youfoundme".
[i] Extracting to "meow.wav.out".
(root💀HTB)--> file meow.wav.out 
meow.wav.out: ASCII text

meow.wav.out - From base64, I just decoded it


- Decode it from hex and redirect it into a new file

(root💀HTB)--> xxd -r -p frombase > fromhex                                                      

(root💀HTB)--> file fromhex 
fromhex: PNG image data, 702 x 395, 8-bit/color RGBA, non-interlaced


1.stegsolve time

2.braile decode

3.wrap the flag!


Flag :

Thanks You !