> For the complete documentation index, see [llms.txt](https://sarpers-organization.gitbook.io/ctftricks/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://sarpers-organization.gitbook.io/ctftricks/_chapter-intro-6/steganography/data-extraction/trick-0322.md).

# Extract Data Via Steghide

***

To extract hidden data embedded within an image file using `steghide`, you can first use the `info` command to get information about the data potentially hidden within the file. The command line `steghide info` can be used for this purpose:

```bash
steghide info <image_file>
```

This will display information about the embedded data, including the name of the embedded file and whether it is encrypted.

To proceed with the extraction, use the following command:

```bash
steghide extract -sf <image_file.jpg>
```

The tool will attempt to extract the data hidden within the specified file. By default, the extracted data will be saved to a file with the same name as the embedded file. For example, if `secret.txt` was hidden in `image.jpg`, the command would extract `secret.txt` into the current directory.

You can also specify a different name for the output file using the `-xf` option:

```bash
steghide extract -sf <image_file.jpg> -xf <output_file_name>
```

Be aware that some steghide operations require a passphrase; you may be prompted for one. If a passphrase was used during the embedding process, you will need to provide the correct passphrase to successfully extract the data. If the passphrase is incorrect, the extraction will fail. Steghide requires a passphrase to extract data if one was used during embedding, and you cannot extract a file without a password using steghide if it was embedded with one. Upon successful extraction, a message confirming that the extracted data was saved to the specified file will be displayed, for example, `extracted data was saved in "secret.txt"`.
