while most of these cucks are busy chasing after "children in tunnels" and other no-sauce-plain-chicken-nuggets-without-the fucking breading information…. there is actual stuff still to be found.
if you have even a *little bit* of resourcefulness, you should be able to get most of these things up and running. literally follow the directions and you're a 13370 h4cK3r 0f th3 w0r1d now.
back in july 2018 when a bunch of people jumped into the stego stuff, the question was:
A.) is it better to try a list of "every password" on 1 image?
B.) try the same password with every image?
then the squabbling of "how do we know if the image even contains anything? shouldn't we find a good candidate image and then we can better assess?"
(then everyone gave up i guess)
however… you can easily identify F5 (PixelKnot "basis") with stegdetect.
stegdetect -tF image.jpg
(when I say "easily identify"–i mean the task is trivial to accomplish, not that the software is so incredibly robust that it digitally-scoffs at the notion of looking for f5 algo)
grab some flavor of linux, install stegdetect if it's not yet (assuming ubuntu/kali/apt package manager)
sudo apt-get update
sudo apt-get install stegdetect
or build from source:
sudo apt-get update
sudo apt-get git
git clone https://github.com/abeluck/stegdetect.git
cd stegdetect
linux32 ./configure
linux32 make
load a bunch of JPEG images into a folder and run:
stegdetect -tF folder/with/images/*.jpg
it'll spit you out a list of anything looking f5'y.
You can even train stegdetect on new steganography methods as long as you have a set of clean & set of known-steg images. There are many other (free) programs on github that offer machine learning algos for steganography (because stegdetect is like 20 years old).
The one used in the screenshots is called Aletheia.
https://github.com/daniellerch/aletheia
so then how do you go about cracking them once you have images with embeddings?
if you're "experienced", the load up this:
https://github.com/banona/PixelUnknot
a nice anon put that together a couple years ago.
F5 CUDA cracker and non-GPU version as well (plus some other tools, but the cracker is the focus)
a lot of really good research was done, and apparently, PixelKnot really only uses the last 1/3 of the password when encrypting a message. the idea is that would make it far easier to crack….. but then everyone sort of disappeared.
so, for a far easier way to install an F5 cracker was to simply use F5.jar and run a password list with it. not the fastest and most graceful way to do things, but this may lend itself better to trying a handful of passwords on EVERY image.
(make sure java is installed)
java -jar f5.jar x -p password -o output.txt steg-image.jpg
x = extract
p = password to try (we can iterate thru entries from a password list here with some Bash or scripting up a cracking wrapper in Python to plug in passwords & image files to try)
o = output file (if something's found this is what it'll be saved as)
#HappyHunting