Embed and Export Tools

Foremost

foremost is also used to extract data:

foremost -i filename

or

foremost -i filename -T

Bulk Extractor

To find URLs or text in a .dmp file, as we did in participation 4:

  1. Unzip the .dmp file (or any other file).

  2. Extract it using any extraction tool, for example bulk_extractor:

bulk_extractor -o newoutputfilename memorydumpname_or_anyfilename
cat filename | grep "the given text"

Binwalk

Detect hidden data and extract it:

⚠️ ***You can take the offset of the beginning of the file and extract it with a hex editor.***


WinHex

🛠 In Kali Linux there is a tool similar to HexEditor and WinHex, named Bless hex editor.

Download command:

Bit Shifting:

  • WinHex is also used for bit shifting, as follows:

    1- open the file

    2- modify data

    3- shift to the left or right

    4- save it as another file, e.g. file2.txt; reopen file2.txt, then reverse the shift (left or right) in order to get the data.

    5- after that, check the hashes using Tools → Compute Hashes


Steghide

This tool allows you to hide data (text or an image) inside another file; it is used both to embed and to extract.

  1. Embed data:

  • cf : stands for current file

  • ef : stands for embedded file

A passphrase is required after embedding and before extracting in order to protect the data. Most people use common wordlists like rockyou.txt, or they make their own wordlist.

  2. Extract data:


Zsteg

This tool allows you to detect hidden data in PNG and BMP files.

Here is an example:


Stegseek

This tool allows you to break the passphrase using rockyou.txt or any other wordlist.

Read the extracted file by typing:


Important notes:

To embed data:

You may use the following command:

You may also embed a file by copying its entire hex values and combining them with the hex values of another file.
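The two manual steps in these notes (reading the offset where an embedded file begins and extracting from there in a hex editor, and embedding by joining the hex values of two files) can be checked with a short script. This is an added example, not part of the original notes; the signature table, the function names and the sample carrier with an appended ZIP are constructed for illustration.

```python
import hashlib
import io
import zipfile

# Well-known file signatures (magic bytes) to look for inside a carrier file.
SIGNATURES = {
    "png": b"\x89PNG\r\n\x1a\n",
    "jpeg": b"\xff\xd8\xff",
    "zip": b"PK\x03\x04",
    "pdf": b"%PDF-",
}

def find_embedded(data: bytes):
    """Return sorted (offset, kind) for each signature found past offset 0."""
    hits = []
    for kind, magic in SIGNATURES.items():
        pos = data.find(magic, 1)          # offset 0 is the carrier itself
        while pos != -1:
            hits.append((pos, kind))
            pos = data.find(magic, pos + 1)
    return sorted(hits)

def carve(data: bytes, offset: int) -> bytes:
    """Copy everything from offset to end of file, as done by hand in a hex editor."""
    return data[offset:]

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def build_sample():
    """Constructed sample: PNG-like carrier bytes with a small ZIP appended."""
    carrier = SIGNATURES["png"] + b"\x00" * 64 + b"IEND\xaeB`\x82"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("note.txt", "hidden note")
    payload = buf.getvalue()
    return carrier + payload, payload, len(carrier)

if __name__ == "__main__":
    blob, payload, expected_offset = build_sample()
    for offset, kind in find_embedded(blob):
        carved = carve(blob, offset)
        print(f"{kind} signature at offset {offset:#x}, carved {len(carved)} bytes")
        if kind == "zip":
            with zipfile.ZipFile(io.BytesIO(carved)) as zf:
                print("  members:", zf.namelist())
            print("  matches embedded file:", sha256(carved) == sha256(payload))
```

Comparing the hash of the carved bytes with the hash of the known embedded file confirms the offset was read correctly.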


To create a new text document and write to it:
