Hello,

Writing to the command line for every loop really slows down a program like this, especially when using large dictionaries like rockyou.txt

I would recommend only writing the percent completed of the word list, and only writing that when ever the value changes,

and perhaps have an argument/flag to output attempt for debugging.

Hi,

When I tried a brute force with this script with a dictionary, like rockyou, the brute force never ended. When the script finishes reading the dictionary, it starts reading it again.

Thx.

Just followed you tuto and go the issue

stegcracker frame34.png

Traceback (most recent call last):
  File "/usr/local/bin/stegcracker", line 7, in <module>
    from stegcracker.__main__ import main
  File "/usr/local/lib/python3.5/dist-packages/stegcracker/__main__.py", line 27
    log(f'StegCracker {__version__} - ({__url__})',)
                                                 ^
SyntaxError: invalid syntax

Stegcracker will execute and give false-positive checking on a file that doesn't exist.

i have a problem when i run stegcracker i have an error
Error: Wordlist '/usr/share/wordlists/rockyou.txt' does not exist!

Hi,

I'm doing a hackthebox challenge and using stegcracker for some steg CTFs. Unfortunately it doesn't seem to be working for me, when I run it against an image I know the passphrase for (and put that in my list) it never gets it, I just get:

$ sudo /bin/stegcracker first.jpg guesses.txt
StegCracker - (https://github.com/Paradoxis/StegCracker)
Copyright (c) 2018 - Luke Paris (Paradoxis)

Attacking file 'first.jpg' with wordlist 'guesses.txt'..
\x1B[31mError:\x1B[0m Failed to crack file, ran out of passwords.

I've attached the files I'm using

guesses.txt

i installed steghide and your repo with pip3

i run it and didn't work

i tested with sudo but none results

my machine is : #1 SMP Debian 5.7.17-1kali1 (2020-08-26)

The bin directory
$ ls /usr/local/bin/
asm common cyclic disablenx elfdiff errno main pwn ROPgadget shellcraft unhex
checksec constgrep debug disasm elfpatch hex phd pwnstrip scramble template update

Did the following with the same issue noted in the original bug ticket.

Updated to the latest:
pip3 install stegcracker -U --force-reinstall

steghide embed -cf image.jpg -ef secret.txt
created a password of "password" and several other words in it for testing.

created a file named dict.txt with the word "password" in it.
ran:
stegcracker image.jpg dict.txt
Error: Failed to crack file, ran out of passwords.

Tried downloading tom.txt and using a password from that file with a image.jpg and I get the same error.

Originally posted by @wallofsheep in #4 (comment)

Steghide does not support PNG format, but Stegcracker will continue to falsely attack even when the image type is PNG.
Love the tool otherwise 👍

What went wrong?

I try to brute force an image jpg with stegcracker. I try to you use this worlist /usr/share/wordlists/rockyou.txt.gz. When i launch the command Stegcrack <image> Path <wordlist> i get this error :

Stack Trace

If you got a stack trace, please paste it here:

Error: Unhandled exception in cracker thread. Please report this issue on the official bug tracker: "https://github.com/Paradoxis/StegCracker/issues" and don't forget to include the following traceback:
ValueError: embedded null byte
  File "/usr/lib/python3.8/multiprocessing/pool.py", line 125, in worker
    result = (True, func(*args, **kwds))
  File "/usr/local/lib/python3.8/dist-packages/stegcracker/cracker.py", line 92, in crack
    with Popen([
  File "/usr/lib/python3.8/subprocess.py", line 854, in __init__
    self._execute_child(args, executable, preexec_fn, close_fds,
  File "/usr/lib/python3.8/subprocess.py", line 1637, in _execute_child
    self.pid = _posixsubprocess.fork_exec(
Error: Terminating due to previous exception..

To Reproduce

Please add the following files / info:

• The file you wish to crack (or one which can reproduce the issue)
• The password file you're using (unless it's rockyou, I have that already)
• The password you know the file is encrypted with

System information

Please add the output of the following commands:

StegCracker Version

$  pip3 freeze | grep stegcracker
...

StegCracker Type

$ file $(which stegcracker)
...

StegHide Version

$ steghide --version
...

Python Version

$ python3 --version
...

System Version

$ uname -a
...

$ cat /etc/issue
...

Screenshots

A picture tells a thousand words, feel free to add one here if you have it

Other stuff

Got any other info I should know about? Have a monkeypatch or proposed fix?

Feel like ranting about something? Feel free to do it here. Compliments are also welcome ✨

What went wrong?

The percentage started at 0.00%, slowly increased to 100.00%, then continued increasing. Its at >231% now, and still increasing.

To Reproduce

Run 'stegcracker afile.jpg rockyou.txt' where afile.jpg is normal jpg image that has not been processed using steghide

StegCracker Version

stegcracker==2.0.6

StegCracker Type

/home/auser/.local/bin/stegcracker: Python script, ASCII text executable

StegHide Version

steghide version 0.5.1

Python Version

Python 3.7.3