http://bmzclub.cn/challenges#hide
hide.jpg
题目提示是hide,尝试steghide,试了几个弱密码没出,尝试用脚本爆破密码
#python3运行
from subprocess import *
def foo():
stegoFile='hide.jpg'#source pic path
extractFile='flag.txt'#steghide extract result
passFile='english.dic'#dist path
errors=['could not extract','steghide --help','Syntax error']
cmdFormat='steghide extract -sf "%s" -xf "%s" -p "%s"'
f=open(passFile,'r')
for line in f.readlines():
cmd=cmdFormat %(stegoFile,extractFile,line.strip())
p=Popen(cmd,shell=True,stdout=PIPE,stderr=STDOUT)
content=str(p.stdout.read(),'gbk')
for err in errors:
if err in content:
break
else:
print (content),
print ('the passphrase is %s' %(line.strip()))
f.close()
return
if __name__ == '__main__':
foo()
print ('ok')
pass直接就出了
flag{St3gh1d3_1s_N1u_B1}
