> For the complete documentation index, see [llms.txt](https://sarpers-organization.gitbook.io/ctftricks/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://sarpers-organization.gitbook.io/ctftricks/_chapter-intro-6/steganography/data-extraction/trick-0205.md).

# Steganography Extraction (Room Image)

***

````markdown
Use `curl` to download the target image file.

```bash
curl https://i.imgur.com/5iW7kC8.jpeg -o RoomImage.jpeg
````

Then, use `steghide` with the `-extract` command and the `-sf` flag specifying the stego file (`RoomImage.jpeg`).

```bash
steghide extract -sf RoomImage.jpeg
```

If the data was embedded without a password or with a common null password, `steghide` will attempt to extract the hidden file directly, often without prompting for a passphrase.

However, if the hidden data is protected by a password, `steghide` will typically prompt you to enter the passphrase:

```bash
steghide extract -sf RoomImage.jpeg
```

You will see a prompt like: `Enter passphrase:`

If the password is unknown, tools designed for brute-forcing can be used. A utility like `stegseek` is a lightning fast steghide cracker that can be employed for this task. The basic usage involves providing the stego file and a wordlist.

```bash
stegseek <stego_file> [wordlist]
```

For example, to attempt to find the password for `RoomImage.jpeg` using a common wordlist such as `rockyou.txt`:

```bash
stegseek RoomImage.jpeg /usr/share/wordlists/rockyou.txt
```

If `stegseek` successfully finds the correct password within the provided wordlist, it will automatically extract the hidden data.

```
```
