影象隱寫工具---steghide
背景
先簡單描述一下該隱寫工具,該工具是在一個隱寫rose的題中做到的,也是試了很多種方法,什麼stegslove,wbstego,只要是我有的工具基本都試過了,還有其他一些隱寫套路,改字尾爆破等等,反正沒有得出答案。看了一下題解,需要用到steghide這個工具。
steghide介紹
Steghide是一款開源的隱寫術軟體,它可以讓你在一張圖片或者音訊檔案中隱藏你的祕密資訊,而且你不會注意到圖片或音訊檔案發生了任何的改變。而且,你的祕密檔案已經隱藏在了原始圖片或音訊檔案之中了。這是一個命令列軟體。因此,你需要學習使用這個工具的命令。你需要通過命令來實現將祕密檔案嵌入至圖片或音訊檔案之中。除此之外,你還需要使用其他的命令來提取你隱藏在圖片或音訊中的祕密檔案。
用法介紹
--help 自帶的介紹
steghide version 0.5.1
the first argument must be one of the following:
embed, --embed embed data
extract, --extract extract data
info, --info display information about a cover- or stego-file
info <filename> display information about <filename>
encinfo, --encinfo display a list of supported encryption algorithms
version, --version display version information
license, --license display steghide's license
help, --help display this usage information
embedding options:
-ef, --embedfile select file to be embedded
-ef <filename> embed the file <filename>
-cf, --coverfile select cover-file
-cf <filename> embed into the file <filename>
-p, --passphrase specify passphrase
-p <passphrase> use <passphrase> to embed data
-sf, --stegofile select stego file
-sf <filename> write result to <filename> instead of cover-file
-e, --encryption select encryption parameters
-e <a>[<m>]|<m>[<a>] specify an encryption algorithm and/or mode
-e none do not encrypt data before embedding
-z, --compress compress data before embedding (default)
-z <l> using level <l> (1 best speed...9 best compression)
-Z, --dontcompress do not compress data before embedding
-K, --nochecksum do not embed crc32 checksum of embedded data
-N, --dontembedname do not embed the name of the original file
-f, --force overwrite existing files
-q, --quiet suppress information messages
-v, --verbose display detailed information
extracting options:
-sf, --stegofile select stego file
-sf <filename> extract data from <filename>
-p, --passphrase specify passphrase
-p <passphrase> use <passphrase> to extract data
-xf, --extractfile select file name for extracted data
-xf <filename> write the extracted data to <filename>
-f, --force overwrite existing files
-q, --quiet suppress information messages
-v, --verbose display detailed information
options for the info command:
-p, --passphrase specify passphrase
-p <passphrase> use <passphrase> to get info about embedded data
To embed emb.txt in cvr.jpg: steghide embed -cf cvr.jpg -ef emb.txt
To extract embedded data from stg.jpg: steghide extract -sf stg.jpg
用法示例:
將secret.txt檔案隱藏到text.jpg中:
# steghide embed -cf test.jpg -ef secret.txt -p 123456
從text.jpg解出secret.txt:
#steghide extract -sf test.jpg -p 123456
爆破密碼
#!/usr/bin/python
# -*- coding:utf8 -
from subprocess import *
def foo():
stegoFile='C:\Users\ppp\Desktop\rose.jpg'
extractFile='C:\Users\ppp\Desktop\hide.txt'
passFile='C:\Users\ppp\Desktop\linshi.txt'
errors = ['could not extract', 'steghide --help', 'Syntax error']
cmdFormat = "D:\CTF\CTF工具合集\隱寫\影象隱寫\steghide>steghide.exe extract -sf %s -xf %s -p %s"
f = open(passFile, 'r')
for line in f.readlines():
cmd = cmdFormat % (stegoFile, extractFile, line.strip())
p = Popen(cmd, shell=True, stdout=PIPE, stderr=STDOUT)
content = unicode(p.stdout.read(), 'gbk')
for err in errors:
if err in content:
break
else:
print content,
print 'the passphrase is %s' % (line.strip())
f.close()
return
if __name__ == '__main__':
foo()
print 'ok'
pass