Stegoshabby Challenge Walkthrough (THM)

Posted by Andrew Campbell December 23, 2022

Hello All,

I created a stegonagraphy challenge! Below you can find the walkthrough for it.

1. Download 5h4887.jpg

2. The picture shows us a dolphin wearing a hat, however other than this there is not much information to go on.

3. Check image for embedded files and executable code

#binwalk -e 5h4887.jpg --run-as=root

4. Navigate to newly created directory

5. There is a zip file however it is password protected, we need to crack the hash. Using zip2john we can create a hash file

6. With the hash we can now attempt to use JTR. However at this point it may fail.

however the tool "fcrackzip" does work!

7. With the password we can open the zip and look at the file, but it is base64 encoded

8. You can decode the base64 via the terminal or you can input the same string into cyberchef.io

Congratulations you found the secret phrase!

Cyber Security and Automation