THOTCON 0x1 - Archived Comments

Tue, May 11, 2010

- ∞ -

Jeff Jarmoc

May 11, 2010 at 2:03 pm

Nice write up! Thanks for sharing. I didn’t end up completing the whole thing, but enjoyed the parts I did complete.

One thing that could’ve saved you some time; if you run strings or hexdump on ironman.jpg, you’ll see ‘steg hide’ near the beginning. That happens to be the name of a tool that’ll decode the steg in AHH.jpg. :)

$ hexdump -C ironman.jpg | head -c 256
00000000 ff d8 ff e0 00 10 53 74 65 67 00 01 01 01 00 60 |……Steg…..`|
00000010 00 60 00 00 ff e1 00 16 68 69 64 65 00 00 49 49 |.`……hide..II|
00000020 2a 00 08 00 00 00 00 00 00 00 00 00 ff db 00 43 |*…………..C|

Darth Null

May 11, 2010 at 2:56 pm

That’s a huge D’Oh! on my part. Sakebomb just told me that offline, and I’ve updated my post. Yeah, seeing that would’ve saved me a LOT of time. :) And, my original post had the wrong tool name given…just misread my notes.