stegseek v0.6 releases: lightning fast steghide cracker
Stegseek is a lightning-fast steghide cracker that can be used to extract hidden data from files. It is built as a fork of the original steghide project and, as a result, it is thousands of times faster than other crackers and can run through the entirety of rockyou.txt* in under 2 seconds.
Stegseek can also be used to extract steghide metadata without a password, which can be used to test whether a file contains steghide data.
* rockyou.txt is a well-known password list with over 14 million passwords.
This is where Stegseek really shines. As promised, let’s start with the “rockyou.txt in just 2 seconds” claim.
All of these numbers are measured on a laptop with an Intel i7-7700HQ CPU @ 2.80GHz and 8 GB of RAM.
I picked the last password in rockyou.txt without control characters: “␣␣␣␣␣␣␣1” (7 spaces followed by ‘1’).
This password is on line 14344383 out of 14344391
And there it is, over 14 million passwords in less than 2 seconds 😍.
How does this compare to other tools?
To test the performance of other tools, I created several stego files with different passwords, taken from
rockyou.txt. I ran each of the tools with their default settings, except Stegbrute where I increased threading for a fair comparison.
|password||Line||Stegseek v0.4||Stegcracker 2.0.9||Stegbrute v0.1.1 (-t 8)|
|“budakid1”||1 000 000||0.9s||[p] 23m50.0s||13m45.7s|
|“␣␣␣␣␣␣␣1”||14 344 383||1.9s||[p] 5h41m52.5s||[p] 3h17m38.0s|
[p] = projected time based on previous results.
To compare the speed of each tool, let’s look at the last row of the table (otherwise Stegseek finishes before all threads have started).
At this scale, Stegseek is over 10 000 times faster than Stegcracker and over 6000 times faster than Stegbrute.
- Fixed BMP cracking for files with a large palette ( #5 ).
- Added a
--continueflag to search for multiple hidden files ( #3 ).
- Added an
--accessibleflag to make the CLI more screen reader friendly
- Made the CLI more consistent, added colors.
--seednow throw proper exit codes for easier scripting.
- Lower performance overhead for metrics.
- fixed compiler flags for default build.
Copyright (C) 2020 RickdeJager