# Basic Tools¶

This page introduces you too a large collection of open source tools some of which are regularly used and others used very rarely.

### Exiftool¶

It is a tool that is used mainly to read metadata in files.

 1 $sudo apt install exiftool  #### Usage¶  1 $ exiftool 

Exiftool gives the metadata of a file as its output. This data can be used for further analysis regarding the file type and its data. On a CTF point-of-view, we might get clues and hints or information that might turn out to be crucial for finding the flag.

Tip

strings is a bash command that shows all the ASCII strings in the file that is passed into the command. In CTFs it is often seen that sometimes some clues or even the flag can be found as an ASCII string inside the given challenge file. Way to use:

### Ghex¶

Ghex is a tool which helps us to view and edit the hex data or hex dump of an image.

 1 $sudo apt install ghex  #### Usage¶  1 $ ghex image.jpg 
Using ghex we can see the headers, footers, and the data chunks of an image. It is to be noted that ghex can be used for all types of files not only images.

#### Usage¶

 1 $binwalk -e  Here in the above image, we see that there is a 'jpg image' that has a compressed 'images' in it and we see that it is, it is embedded within the jpg image file. To extract it we can make use of a carving tool dd. It can carve out data from specific offsets that are passed as arguments to the tool along the with the file that needs to be read. Give the following command:  1 $ dd if=deeper.jpg of=image1.jpg bs=1 skip=202 
Where at if= the file from which data has to be extracted is passed as an argument and of= has the name of the file that we give after extraction. skip= is the offset of the file that has to be read and bs= i the byte skip argument that specifies the frequency of reading data from the given file.

#### Usage¶

To embed a secret message into an image

 1 2 3 4 $steghide embed -cf image.jpg -ef secret_message.txt Enter passphrase : ******** Re-Enter passphrase : ******** embedding "secret_message.txt" in "image.jpg"... done  To extract the secret message from the image  1 2 3 $ steghide extract -sf image.jpg Enter passphrase : ******** wrote extracted data to "secret_message.txt". 
For any help with the commands type

### Stegsolve¶

It is used to analyze images in different planes by taking off bits of the image.

#### Installation¶

 1 2 3 4 $wget http://www.caesum.com/handbook/Stegsolve.jar -O stegsolve.jar$ chmod +x stegsolve.jar $mkdir bin$ mv stegsolve.jar bin/ 

#### Usage¶

Stegsolve can be invoked by placing the image in the /bin folder and running stegsolve.

 1 $java -jar stegsolve.jar  There are over 10 different planes supported by stegsolve like Alpha, Blue, Green, Red, XOR etc. ### Stegcracker¶ It is a tool used to crack passwords in files which contains hidden data. #### Installation¶ For installing stegcracker we would require steghide, for installing steghide try  1 2 3 $ sudo apt-get install steghide -y $pip3 install stegcracker  #### Usage¶  1 $ stegcracker [] 
For the wordlist, an example is to use rockyou.txt

### Stegdetect¶

It is a tool which detects whether the given file has steganographic content or not.

#### Installation¶

Please clone this repository before executing the following commands.

If using a 64-bit system,

 1 2 3 $linux32 ./configure$ linux32 make 

You can now run stegdetect from the local directory:

### Zbarimg¶

It is a tool used to scan and decode QR codes from image files

 1 $sudo apt-get install zbar-tools  #### Usage¶  1 $ zbarimg 

Note: Zbar can also decode QR code by webcam, for this install the following tool,

### StegoVeritas¶

It is a python based steganography tool used to give various information about any particular stego file and prints out any data embedded inside it.

#### Installation¶

using pip

 1 2 3 $pip3 install stegoVeritas$ stegoVeritas_install_deps 

### GPG¶

GNU Privacy Guard (GnuPG or GPG),replacement of PGP(Pretty Good Privacy) a free-software tool used to bring out encryption, it features a versatile key management system.

#### Usage¶

##### Encryption¶

Original Text File

  1 2 3 4 5 6 7 8 9 10 11 12 13 14 Not like the brazen giant of Greek fame, With conquering limbs astride from land to land; Here at our sea-washed, sunset gates shall stand A mighty woman with a torch, whose flame Is the imprisoned lightning, and her name Mother of Exiles. From her beacon-hand Glows world-wide welcome; her mild eyes command The air-bridged harbor that twin cities frame. “Keep, ancient lands, your storied pomp!” cries she With silent lips. “Give me your tired, your poor, Your huddled masses yearning to breathe free, The wretched refuse of your teeming shore. Send these, the homeless, tempest-tossed to me, I lift my lamp beside the golden door!” 

#### References¶

 1 \$ man stegsnow