stegbrute - stands for steganography and bruteforce is a fast and simple steganography brute-force tool written in rust very useful in ctf challanges
How to use it
First of all you need to download the program, you can download it in 4 ways they are all documentated in the Github repository or just download them from the releases section.
now that you have stegbrute installed run it with -h or β help option, this is what you should see
============================================================
____ _ ____ _
/ ___|| |_ ___ __ _| __ ) _ __ _ _| |_ ___
\___ \| __/ _ \/ _` | _ \| '__| | | | __/ _ \
___) | || __/ (_| | |_) | | | |_| | || __/
|____/ \__\___|\__, |____/|_| \__,_|\__\___|
|___/
StegBrute v0.1.1 - By R4yan
https://github.com/R4yGM/StegBrute
StegBrute 0.1.1
R4yan <yessou.rayan@gmail.com>
Steganography bruteforce tool
USAGE:
stegbrute [FLAGS] [OPTIONS] --file-name <file-name> --wordlist <wordlist>
FLAGS:
-h, --help Prints help information
-V, --version Prints version information
-v, --verbose shows every try the program does
OPTIONS:
-x, --extract-file <extract-file> the file name path where you want to write the results [default:
stegbrute_results.txt]
-f, --file-name <file-name> the file name path you want to crack
-t, --threads <threads> number of threads to bruteforce the file [default: 3]
-w, --wordlist <wordlist> path of the wordlist
```
now you can crack any image!,
example on how to use stegbrute
stegbrute -f image.jpg -w wordlist.txt -x results.txt
where -f is the file you want to crack, -w is the wordlist (a big list of passwords), -x is where you want to save your results, output :
```bash
============================================================
____ _ ____ _
/ ___|| |_ ___ __ _| __ ) _ __ _ _| |_ ___
\___ \| __/ _ \/ _` | _ \| '__| | | | __/ _ \
___) | || __/ (_| | |_) | | | |_| | || __/
|____/ \__\___|\__, |____/|_| \__,_|\__\___|
|___/StegBrute v0.1.1 - By R4yan
https://github.com/R4yGM/StegBruteBruteforcing the file 'image.jpg' with the wordlist 'wordlist.txt' using 3 threads
(thread-0) Failed to crack the file, finished the passwords 178.02ms
(thread-2) Failed to crack the file, finished the passwords 284.84ms
password try: cool123 - Success
File extracted!
Password: cool123
Results written in: results.txt
Tried passwords : 62
Successfully cracked in 499.64ms
============================================================
itβs pretty fast, stegbrute tried 62 passords in half a second! as you can see it also shows the status of every thread
Comparision
I saw around also stegcracker wich is also a great program so i tried to compare it to stegbrute, and these are the results:
stegcracker :
# time stegcracker image.jpg wordlist.txt | grep -E "real|user|sys"real 0m1.754s
user 0m0.420s
sys 0m0.362s
stegbrute :
# time stegbrute -f image.jpg -w wordlist.txt | grep -E "real|user|sys"real 0m0.553s
user 0m0.366s
sys 0m0.460s
this says that stegbrute is more faster than stegcracker (i also tried to compare using other large wordlists)
Benchmark
I also made a benchmark of stegrute using different large wordlists i found on the internet
the table can be found here
these values ββof course can vary on due to your machine power
Top comments (0)