CTF After Dark - Steg - Senobnesieh

Pascal Peinecke published in Steganography CTF After Dark

2023-01-22 404 words 2 minutes

Contents

Senobnesieh

task

lla ta siht rebmemer t’nod I ???senobnesieh deman retcarahc noteleks suolucidir siht s’ereht yltnerappa dna dab gnikaerb gnihctawer m’I. wow

Rory

steg

writeup

ok let’s grab this weird file

1
wget https://acmcyber.com/static/files/e8350154bad3f643/senobnesieh.lmao

check the file:

1
2
file senobnesieh.lmao 
senobnesieh.lmao: ISO Media, MP4 v2 [ISO 14496-14]

It is an mp4 file and can be played. It sounds like some weird music.

The link behind wow is this:

https://github.com/JavDomGom/videostego

Videostego is a tool that you can use to write and read hidden messages in MP4 files using Steganography techniques like LSB.

let’s clone this repository:

1
2
3
4
5
6
7
8
git clone https://github.com/JavDomGom/videostego      
Cloning into 'videostego'...
remote: Enumerating objects: 62, done.
remote: Counting objects: 100% (62/62), done.
remote: Compressing objects: 100% (51/51), done.
remote: Total 62 (delta 14), reused 55 (delta 10), pack-reused 0
Receiving objects: 100% (62/62), 3.20 MiB | 2.56 MiB/s, done.
Resolving deltas: 100% (14/14), done.

and try to install it:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
cd videostego

sudo make install                                                                                                    130 ⨯
[sudo] password for pascal: 
2022/11/17 18:58:01 [build] Building videostego binary ...
gcc -Wall -g -o videostego src/*.c
2022/11/17 18:58:02 [build] Done!
2022/11/17 18:58:02 [install] Installing videostego ...
install -m 0755 videostego /usr/local/bin
2022/11/17 18:58:02 [install] Done!

Ok that worked.

How can this tool be used?

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
videostego --help                
USAGE
	VideoStego [-f filename] [-w [-m message] | -r | -i] [-h] [-v]

DESCRIPTION

	Tool to apply steganography in video files.

OPTIONS

	-f, --file	Input video file.
	-m, --message	Message to hide. It has to be specified only if the mode is -w, --write.
	-w, --write	Write mode. Hide a secret message in video file.
	-r, --read	Read mode. Read a secret message in video file.
	-i, --info	Info mode. Print general structure and containers of video file.
	-v, --version	Print the program version.
	-h, --help	Print this help.

LICENSE

	License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
	This is free software: you are free to change and redistribute it.
	There is NO WARRANTY, to the extent permitted by law.

Ok we need to supply the input file as well as the -r parameter to read the hidden message from a video file.

Let’s try this:

1
2
videostego -f senobnesieh.lmao -r                                                                                    
flag{newer_mandela_effect_just_dropped}

there is the flag !