TryHackMe: STEGOsaurus — Write-Up
Hi,
This article is about STEGOsaurus room created Brandon by on TryHackMe. It is a free room and everyone can join it.
Description: STEGOsaurus? More like STEGOception! ;)
This room teaches us how we can extract information hidden behind an image. Let’s get started,
Download the file using download button as shown in figure 1.2 below:
Open the image either we can get any hint.
It is just a normal meme like image. As there is nothing in the image, try steghide tool on the image. We are trying this tool first because room created has mentioned this tool. use command given in figure 1.4 below:
steghide extract -sf Dogehomemadememe.jpg
One of the trolling thing is that when it asks “Enter passphrase: ”. This is the place where the person who is solving this challenge badly trolled for guessing the passphrase. After completion of command execution you will see another file is there in the same directory. That file is extracted by STEGHIDE tool from given picture. It is the picture of Panda shown in figure below 1.5:
Now use STEGCRACKER tool on this image to get the second flag.
stegcracker <File_Name.Extension>
I was badly trolled by the creator of the room. I was attempting brute force technique on the image with different files like rockyou.txt for more than 24 Hours. I was still failing, then I opened this image on an editor and from there I started changing the value of its Brightness, Exposure and Saturation, after trying there different combinations I finally managed to find the flag. Flag is shown in figure 1.6 below:
Hurrah! We have completed this STEGOsaurus Challenge. Thanks for staying till here.
If you like this article, please support on Patreon.
