I need to scan this picture for steganography as the meta-data suggest there is some concealment. I'm new to this process and don't know which free tool is the most comprehensive.
EDIT:
1. as I suspected stackexchange image upload does a exif clean, the metadata comment read: Getting warmer! Use concealment to uncover even more as you hunt for the solution string to this puzzle...like hide and seek...
2. A hex editor shows nothing conspicious with a starting point of "FF D8" and end point of "FF D9"
3. The image is only 48 KB
4. StegDetect is not working with this image.
5. With Polynomial and Steve's comments I realize that I should learn (Kali) Linux before asking questions that that are way over Windows' head. If you have a (free) Windows solution, please answer.
- 579
- 1
- 5
- 19
-
1Have you tried `strings` over the image? – Polynomial Jun 10 '15 at 17:11
-
No comprendo. Elaborate, please. – Manumit Jun 10 '15 at 17:16
-
[`strings`](http://en.wikipedia.org/wiki/Strings_%28Unix%29). – Polynomial Jun 10 '15 at 17:19
-
Possible duplicate https://security.stackexchange.com/questions/2144/detecting-steganography-in-images?rq=1 – ρss Jun 10 '15 at 17:22
-
I'm clueless with UNIX, unfortunately. Windows all the way plox. – Manumit Jun 10 '15 at 17:23
-
Where did you get the image? Did you embedded the text your self? What operating system did you use? Windows or Linux? – ρss Jun 10 '15 at 17:27
-
Image source: http://rtncyberjobs.com/ (after completing the first challenge). Windows 7. I'm just doing the challenge for fun, I'm not nearly finished with my education and have no plans on applying for these jobs, so please don't say "maybe you shouldn't apply for these jobs") – Manumit Jun 10 '15 at 17:31
-
1Come on @Manumit get over it and run a VM ;-) – Steve Dodier-Lazaro Jun 10 '15 at 17:34
-
1Asking for tools to recommend is off-topic. Plus, the answer to this puzzle isn't a tool, but a process. – schroeder Jun 10 '15 at 18:17
-
If they used `Alternate data stream` feature of Windows NTFS to hide info in the metadata, then it could be easier to get the metadata by using `dir /r` command. But I don't think that they would use something so simple. – ρss Jun 10 '15 at 18:19
2 Answers
A quick googling revealed this site with solutions to your puzzle.
Opening the picture with a hex editor reveals a password, concealment
. Using JPSEEK to extract the hidden data from the image, using this password, gives the solution, exponential
.
Oddly enough, the URL for this solution (http://www.rtncyberjobs.com/pz2/exponential) doesn't work.
- 10,122
- 1
- 26
- 56
-
-
1well geez spoiler alert! Now what am I going to do on my coffee break? – Matthew Peters Jun 10 '15 at 20:12
-
1Well, you can do it on "hardcore", using the picture from this post instead of the [original](http://www.rtncyberjobs.com/hiddengem/puz1b.jpg) – Dmitry Grigoryev Jun 10 '15 at 20:16
-
Yeah I tried inputting the second solution in many ways, it's always a 403 deny. Glad you said it, because I felt sad not being clever enough to submit the answer. – Manumit Jun 10 '15 at 20:21
Keep in mind steganography is based on replacing certain bits in each byte to hide information. However there are different schemes that have evolved over the years but the principle is the same. Check out the link below and look at the free tools Mark Davidson suggests.
https://security.stackexchange.com/a/2145/78337
p.s. if you want to work in security learning linux will make you better and more employable. Also keep in mind Kali linux is essentially just Debian with a whole bunch of tools in it. I also made the mistake thinking I need to "learn" Kali until I found out I only needed a few tools in Kali to get the job done.