Saturday, April 17, 2021

Stegseek - A proper Steghide cracker at last!

During CTF challenges, data is sometimes hidden inside an image with Steghide. The common way to solve these is to run steghide with a known password, or to crack the password from a wordlist. Up until now this has been EXTREMELY slow, because the common brute-force scripts re-run Steghide for each and every password in the list: around 500 attempts per second on faster systems. When attempting this with a larger password list such as RockYou, which contains millions of entries, that speed was obviously a problem.

During some recent browsing, I found a tool that can not only crack these passwords TWENTY THOUSAND TIMES FASTER, but can in some cases actually recover the data from a password-protected Steghide image without knowing the original password at all, by brute-forcing every possible way that Steghide could have embedded the data in the first place o_O

Link to the tool on Github: Stegseek

Wednesday, March 31, 2021

TryHackMe Certs

A kind fellow bought me a 30-day membership to Premium TryHackMe, so I decided to get some of their certificates whilst I was able to. 


I also got this one last Christmas; since I'm sticking them all here, I might as well include it too.


Tuesday, October 20, 2020

Wireshark - Filtering for a Port Knocking sequence

In a recent CTF, I was required to analyze a .pcapng file to find a Port Knocking sequence. I didn't know an easy way to do this, and Google only turned up some half-useful answers, so after a bit of research I decided to write this post in the hope that someone may stumble upon it in the future :)

Filter: (tcp.flags.reset eq 1) && (tcp.flags.ack eq 1)


Before


After


This works because a closed TCP port answers a SYN with a RST/ACK, so the target's replies reveal each port that was knocked. Make sure the packets are sorted in capture order (the "No." column goes from lowest to highest), and read the port number on the left-hand side of the "Info" column.

In this case, the sequence is 7864, 8273, 9241, 12007, 60753, so running:

> knock 10.10.35.61 7864 8273 9241 12007 60753 -t 500

would get you what you need.

I found that sometimes you might need to knock 2 or 3 times before the filtered port opens for some reason, but there you go!
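The same filter can be applied without Wireshark, which is handy when you want the sequence straight from a script. The following is an added example that is not part of the original post: a minimal libpcap reader (classic .pcap, Ethernet/IPv4/TCP only, not .pcapng) that applies the equivalent of (tcp.flags.reset eq 1) && (tcp.flags.ack eq 1) and lists the source port of each RST/ACK reply in capture order. The capture is constructed inline so it runs offline; the target address is the one from the post, while the client address 10.10.14.5 and the function names are assumptions of this example.

```python
import struct

# Constructed lab addresses: the target IP is the one used in the post,
# the client IP (the host doing the knocking) is an assumption of this example.
TARGET_IP = "10.10.35.61"
CLIENT_IP = "10.10.14.5"
KNOCK_PORTS = [7864, 8273, 9241, 12007, 60753]  # sequence from the post

FIN, SYN, RST, PSH, ACK = 0x01, 0x02, 0x04, 0x08, 0x10


def _ip(dotted):
    return bytes(int(o) for o in dotted.split("."))


def build_frame(src_ip, dst_ip, sport, dport, flags):
    """Ethernet + IPv4 + TCP header, no payload (checksums left zero; the parser ignores them)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 8192, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0x4000, 64, 6, 0,
                     _ip(src_ip), _ip(dst_ip))
    eth = b"\x00\x11\x22\x33\x44\x55" + b"\x66\x77\x88\x99\xaa\xbb" + b"\x08\x00"
    return eth + ip + tcp


def build_sample_pcap():
    """Constructed capture: five SYN knocks, each answered by RST/ACK, plus one unrelated ACK."""
    records, client_port = [], 40000
    for port in KNOCK_PORTS:
        client_port += 1
        records.append(build_frame(CLIENT_IP, TARGET_IP, client_port, port, SYN))
        records.append(build_frame(TARGET_IP, CLIENT_IP, port, client_port, RST | ACK))
    records.insert(3, build_frame(CLIENT_IP, TARGET_IP, 39999, 80, ACK))  # noise that must not match
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # classic pcap, LINKTYPE_ETHERNET
    for i, frame in enumerate(records):
        out += struct.pack("<IIII", 1600000000 + i, 0, len(frame), len(frame)) + frame
    return out


def parse_pcap(data):
    """Minimal classic-pcap reader; returns TCP packets as dicts in capture order (Wireshark's "No.")."""
    magic = struct.unpack("<I", data[:4])[0]
    if magic == 0xA1B2C3D4:
        end = "<"
    elif magic == 0xD4C3B2A1:
        end = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled here)")
    if struct.unpack(end + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet captures are handled here")
    packets, off, no = [], 24, 0
    while off + 16 <= len(data):
        _, _, incl_len, _ = struct.unpack(end + "IIII", data[off:off + 16])
        frame = data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        no += 1
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":  # not IPv4
            continue
        ihl = (frame[14] & 0x0F) * 4
        tcp = frame[14 + ihl:]
        if frame[14 + 9] != 6 or len(tcp) < 14:  # not TCP / truncated
            continue
        sport, dport = struct.unpack("!HH", tcp[:4])
        packets.append({"no": no,
                        "src": ".".join(map(str, frame[26:30])),
                        "dst": ".".join(map(str, frame[30:34])),
                        "sport": sport, "dport": dport, "flags": tcp[13]})
    return packets


def rst_ack_packets(packets):
    """Python equivalent of the Wireshark filter (tcp.flags.reset eq 1) && (tcp.flags.ack eq 1)."""
    return [p for p in packets if p["flags"] & (RST | ACK) == (RST | ACK)]


def knock_sequence(data, responder=None):
    """Source ports of RST/ACK replies in capture order: a closed port answers a SYN with RST/ACK,
    so the replier's source port is the port that was knocked. Optionally restrict to one responder."""
    return [p["sport"] for p in rst_ack_packets(parse_pcap(data))
            if responder is None or p["src"] == responder]


if __name__ == "__main__":
    pcap = build_sample_pcap()
    for p in rst_ack_packets(parse_pcap(pcap)):
        print(f'{p["no"]:>3}  {p["src"]} -> {p["dst"]}  {p["sport"]} -> {p["dport"]} [RST, ACK]')
    print("knock sequence:", knock_sequence(pcap, responder=TARGET_IP))
```

Passing responder=TARGET_IP matters on a busy capture: without it, RST/ACK packets sent by other hosts (or by your own machine) would be mixed into the sequence, which is the same mistake as reading the wrong side of the "Info" column in Wireshark.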