Welcome!
Hacking Secrets
In this course you will learn about hacking secrets (private information), such as cracking passwords or finding data hidden in images (steganography). These are attacks on confidentiality, generally known as 'disclosure' attacks.
The main tool we will be using is John the Ripper (JTR). JTR takes a stored password hash, hashes each candidate word from a wordlist with the same algorithm (and salt) and compares the result with the stored value. If a computed hash matches, that candidate is the password, and john displays it together with the user name.
We will also be using a tool called steghide, which extracts data hidden in images and other types of media when given the correct passphrase.
The purpose of this course is to learn how confidential (secret) and private information is exploited, so you understand how hackers steal secrets and can better protect yourself against those who are looking to steal your information.
© CyberShaolin. All rights reserved.

Steps
Hacking Secrets
Start
In this course you will learn about hacking secrets (private information), such as cracking passwords or finding data hidden in images (steganography). These are ways of exploiting confidentiality.
The main tool we will be using is John the Ripper (JTR). JTR works by scanning a wordlist, hashing each word in the list and checking the result against the hash in the file you give it; if the hash values match, you know that word is the password.
We will also be using steghide, which extracts data hidden in images when given the correct passphrase.
The purpose of this course is to learn how confidential (secret) and private information is exploited, so you can protect yourself against hackers stealing your information.
Password Cracking
Once the CyberShaolin Learning environment has been launched, you should see a terminal where you can type in commands.
First navigate to the home folder by typing cd /home and pressing enter (the absolute path works from wherever the shell starts), then type ls and press enter. You should see the name reuben. This is the home directory of a user account.
Now navigate into the reuben directory by typing cd reuben and pressing enter. Then list the files in that directory: type ls and press enter.
Normally the first step would be to build the password file yourself (on Linux, john's unshadow tool merges /etc/passwd and /etc/shadow into one file of user names and hashes), but for this learning activity the password file, called etc_passwords.db, is provided for you, so you can use it directly.
To crack (recover) the password we will use John the Ripper (JTR), invoked simply as john. In the terminal window, type john etc_passwords.db and press enter. John first prints Loaded 1 password hash, then starts trying candidates; this may take a minute. When a password is found, john prints it next to the user name and records it in its pot file, so it does not have to be cracked again. To print the cracked credentials (in this case the password) again, use the --show switch with your john command: type john --show etc_passwords.db and press enter.
You will see the user name and password from the etc_passwords.db file displayed on the screen.
Password Cracking (using Wordlists)
SSH (secure shell) can authenticate users with a key pair instead of a password; in this exercise the keys are RSA. The pair consists of a public key, which you copy to the servers you want to log in to, and a private key, which stays on your machine and is what proves your identity when you connect. Anyone holding the private key can log in as you, so the private key file is usually encrypted with a passphrase, and that passphrase is what we are going to crack.
Make sure that you are in the reuben folder. If you are not already there, type cd /home/reuben and press enter to get into that directory. Now type ls and press enter. You will see a folder named ssh_keys. Navigate into that directory by typing cd ssh_keys, then type ls and press enter to list the contents of that directory.
JTR ships with a helper called ssh2john that reads a passphrase-protected private key file (here Reuben's RSA key) and converts it into a hash format that john can crack; the public key is not needed for this. That step has already been done for you, so you should see a hash file called reuben_rsa.hash.
The next step is to crack the passphrase that protects reuben_rsa.hash. We are going to use JTR again, but this time we supply our own wordlist. If no wordlist is given, john falls back to its built-in default list (password.lst) and its other cracking modes.
It is important to know how to use your own wordlists in case the password you are after does not appear in the default one. There are wordlists on the web that you can download for free or pay for, and the most effective ones are tailored to the target. For this exercise, we have edited a wordlist of US cities. Note: Reuben and his family like to travel a lot and have been blessed to travel to nearly 30 countries, and he has given keynote talks in over 10 of those 30 countries as of 2020. So Reuben's password may be a US city or one that he has made up.
To crack the passphrase, type john --wordlist=/usr/local/share/john/wordlists/us_cities.txt reuben_rsa.hash and press enter.
You will see that Reuben's passphrase is 'Wolverine Lake', one of the entries in the edited wordlist.
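Both john runs above, the plain one against etc_passwords.db and the --wordlist one against reuben_rsa.hash, do the same thing underneath: hash each candidate word the way the target was hashed and compare. The following is an added example written for this page, not code from the CyberShaolin course or from John the Ripper, that implements that loop in Python on constructed data. It assumes a hypothetical user:salt$sha256 line format for the hash file (a real /etc/shadow uses crypt(3) formats that john recognises on its own) and two constructed wordlists standing in for john's default list and for us_cities.txt. Running it shows why the custom wordlist matters: the default list recovers only alice's password, and Reuben's two-word passphrase is found only once the edited city list is used.

```python
import hashlib
from typing import Dict, Iterable, Tuple


def hash_candidate(salt: str, candidate: str) -> str:
    """Salted SHA-256 hex digest. This is the assumed scheme of the sample file;
    a real /etc/shadow uses crypt(3) formats such as sha512crypt or yescrypt,
    which john detects automatically."""
    return hashlib.sha256((salt + candidate).encode("utf-8")).hexdigest()


def parse_hash_file(text: str) -> Dict[str, Tuple[str, str]]:
    """Parse lines of the form user:salt$hexdigest into {user: (salt, digest)}."""
    entries: Dict[str, Tuple[str, str]] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        user, rest = line.split(":", 1)
        salt, digest = rest.split("$", 1)
        entries[user] = (salt, digest)
    return entries


def crack(entries: Dict[str, Tuple[str, str]], wordlist: Iterable[str]) -> Dict[str, str]:
    """The loop john runs in --wordlist mode: for every candidate, compute the
    hash under each target's salt and compare with the stored digest. Cracked
    users drop out of the target set so later candidates skip them."""
    remaining = dict(entries)
    cracked: Dict[str, str] = {}
    for raw in wordlist:
        candidate = raw.rstrip("\r\n")   # wordlist files are one candidate per line
        if not candidate:
            continue
        for user, (salt, digest) in list(remaining.items()):
            if hash_candidate(salt, candidate) == digest:
                cracked[user] = candidate
                del remaining[user]
        if not remaining:
            break
    return cracked


# Constructed sample: what a tiny etc_passwords.db could look like under the
# assumed salt$sha256 scheme. The plaintexts appear here only to build it.
_SAMPLE_USERS = [("alice", "n1", "letmein"), ("reuben", "k3", "Wolverine Lake")]
SAMPLE_HASH_FILE = "\n".join(f"{u}:{s}${hash_candidate(s, p)}" for u, s, p in _SAMPLE_USERS)

# Constructed stand-ins for john's default password.lst and for the edited
# us_cities.txt wordlist used in the exercise. Note that "Wolverine" alone
# is not "Wolverine Lake": a wordlist entry must match the whole password.
DEFAULT_WORDLIST = ["123456", "password", "letmein", "qwerty", "Wolverine"]
US_CITIES_WORDLIST = ["Austin", "Boston", "Detroit", "Wolverine Lake"]


def run_demo() -> Tuple[Dict[str, str], Dict[str, str]]:
    """Crack the sample file with both wordlists; returns (default_hits, cities_hits)."""
    entries = parse_hash_file(SAMPLE_HASH_FILE)
    with_default = crack(entries, DEFAULT_WORDLIST)
    with_cities = crack(entries, US_CITIES_WORDLIST)
    return with_default, with_cities


if __name__ == "__main__":
    default_hits, city_hits = run_demo()
    print("default wordlist cracked:", default_hits)   # only alice
    print("us_cities wordlist cracked:", city_hits)    # only reuben
```

Real john adds two things this loop leaves out: word-mangling rules that derive variants (capitalisation, appended digits) from each wordlist entry, and per-format optimisations so that a candidate is hashed once per distinct salt rather than once per user. The comparison itself is the same: a stored hash is never "decrypted", only matched against guesses, which is why a password that is not in any wordlist and not reachable by rules stays safe from this attack.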
Steganography
What is Steganography?
Steganography comes from the Greek words steganos, meaning 'covered' or 'concealed', and graphein, meaning 'writing'. Hence steganography means concealed writing.
Steganography is the technique of hiding secret data inside ordinary, non-secret carriers, most commonly image or audio files, so that an observer does not even know a message is present. This differs from encryption, which protects the content of a message but not the fact that it exists. The secret data is later recovered with the matching extraction method and, usually, a passphrase.
Steganography is a technique long used by spies to communicate stealthily.
steghide
We are going to be using a tool called steghide that can hide data in images (and audio files) or extract data that has been hidden in them.
First navigate into the stego folder, which is nested under the reuben folder in the home directory. You are currently in the ssh_keys folder, so type cd .. and press enter to go up to the parent (previous) directory, reuben. Then type ls and press enter to list the contents of that directory. You will notice that there is a directory called stego in there. Navigate into it by typing cd stego from the reuben directory and pressing enter. Then type ls and press enter to list the contents of the stego directory.
The hacker bros - More than what meets the eye
You should see an image named hacker_bros.png. There are a few ways to view the image.
Click on the tab that says HackerBros Website. This should open your default browser and display a web page with the image in it.
The web page gives you a description of the image and then informs you that There is more to this than what meets the eye and that there is a hidden message that you must try to uncover.
This is a hint that steganography is being used: some information is hidden inside the hacker_bros.png image file. To find out what the hidden message is, we need to extract it from the image itself.
An enigma
Extracting a steganographic message usually requires a passphrase. In this case the passphrase is enigma.
To extract the message, we tell steghide the stego file (-sf), the passphrase (-p) and the file to write the extracted data to, i.e. the extract file (-xf).
Type steghide extract -sf hacker_bros.png -p enigma -xf message.txt and press enter. (If you leave out -p, steghide prompts for the passphrase instead, which keeps it out of your shell history.)
Now type ls and press enter. You should see a file called message.txt.
Read the contents of the message.txt file using the cat command: type cat message.txt and press enter.
You should see some garbled-looking text like this:
CkFsd2F5cyB1c2UgeW91ciBjeWJlciBza2lsbHMgZm9yIHRoZSBnb29kIG9mIGh1bWFuaXR5LiAKClJldWJlbiBSQVBzdDRyIFBhdWwgYWthIFRoZSBDeWJlciBOaW5qYQoK
Something Basic - An encoded secret
The content of message.txt looks garbled and is not humanly intelligible because it is either encrypted or encoded. Encoding is a reversible transformation that needs no key; encryption needs one. In this case the message is only base64 encoded, which you can recognise from the alphabet used (A-Z, a-z, 0-9, + and /) and from the length being a multiple of four.
So to read the message, we use the base64 -d command, which decodes the encoded text. The -d stands for decode.
Type base64 -d message.txt and press enter.
If the command runs successfully, you should see a quote that says:
`Always use your cyber skills for the good of humanity.
Reuben RAPst4r Paul aka The Cyber Ninja`.
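To make the extract-then-decode steps concrete, here is an added example written for this page, not steghide's own code, that hides the course's base64 text in the least-significant bits of a constructed pixel buffer, extracts it with a passphrase, and then base64-decodes it, mirroring steghide extract followed by base64 -d. The carrier (CARRIER), the STEG header layout and the SHA-256 keystream are assumptions of this toy: steghide uses its own embedding and encryption scheme, and a real hacker_bros.png would be read with an image library. The 4-byte checksum in the header is what lets extract() reject a wrong passphrase instead of returning garbage.

```python
import base64
import hashlib
import struct
from typing import Tuple

MAGIC = b"STEG"      # marks a carrier holding a payload (assumed toy format, not steghide's)
HEADER_LEN = 12      # MAGIC(4) + payload length(4) + checksum(4)


def keystream(passphrase: str, length: int) -> bytes:
    """Toy keystream from SHA-256(passphrase || counter). Stands in for the real
    encryption steghide applies; it is an assumption of this example."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(passphrase.encode("utf-8") + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def _xor(data: bytes, key: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, key))


def _write_bits(carrier: bytearray, data: bytes, start_bit: int) -> None:
    """Store data MSB-first, one bit in the least-significant bit of each carrier byte,
    so every pixel value changes by at most 1 and the picture looks unchanged."""
    i = start_bit
    for byte in data:
        for shift in range(7, -1, -1):
            carrier[i] = (carrier[i] & 0xFE) | ((byte >> shift) & 1)
            i += 1


def _read_bits(carrier: bytes, start_bit: int, nbytes: int) -> bytes:
    """Inverse of _write_bits."""
    out = bytearray()
    for k in range(nbytes):
        value = 0
        for j in range(8):
            value = (value << 1) | (carrier[start_bit + k * 8 + j] & 1)
        out.append(value)
    return bytes(out)


def embed(pixels: bytes, payload: bytes, passphrase: str) -> bytes:
    """Hide payload in the LSBs of pixels.
    Layout: MAGIC | length | sha256(payload)[:4] | payload XOR keystream."""
    check = hashlib.sha256(payload).digest()[:4]
    body = MAGIC + struct.pack(">I", len(payload)) + check + _xor(payload, keystream(passphrase, len(payload)))
    if len(body) * 8 > len(pixels):
        raise ValueError(f"carrier too small: need {len(body) * 8} pixel bytes, have {len(pixels)}")
    out = bytearray(pixels)
    _write_bits(out, body, 0)
    return bytes(out)


def extract(pixels: bytes, passphrase: str) -> bytes:
    """Recover the payload; raises ValueError if nothing is embedded or the passphrase is wrong."""
    if len(pixels) < HEADER_LEN * 8:
        raise ValueError("carrier too small to hold a header")
    header = _read_bits(pixels, 0, HEADER_LEN)
    if header[:4] != MAGIC:
        raise ValueError("no embedded data found")
    length = struct.unpack(">I", header[4:8])[0]
    if HEADER_LEN * 8 + length * 8 > len(pixels):
        raise ValueError("declared length exceeds carrier size")
    ciphertext = _read_bits(pixels, HEADER_LEN * 8, length)
    payload = _xor(ciphertext, keystream(passphrase, length))
    if hashlib.sha256(payload).digest()[:4] != header[8:12]:
        raise ValueError("wrong passphrase")
    return payload


# Constructed carrier: 4096 deterministic 8-bit pixel values standing in for the
# pixel data of hacker_bros.png, so this runs without any image library.
CARRIER = bytes((i * 37) % 256 for i in range(4096))
# The base64 text the course extracts from the image.
HIDDEN_B64 = b"CkFsd2F5cyB1c2UgeW91ciBjeWJlciBza2lsbHMgZm9yIHRoZSBnb29kIG9mIGh1bWFuaXR5LiAKClJldWJlbiBSQVBzdDRyIFBhdWwgYWthIFRoZSBDeWJlciBOaW5qYQoK"


def run_demo(passphrase: str = "enigma") -> Tuple[bytes, str]:
    """Embed with 'enigma', extract with the given passphrase, then base64-decode.
    Returns (extracted_bytes, decoded_text)."""
    stego = embed(CARRIER, HIDDEN_B64, "enigma")
    extracted = extract(stego, passphrase)
    return extracted, base64.b64decode(extracted).decode("utf-8")


if __name__ == "__main__":
    raw, text = run_demo()
    print(raw.decode("ascii"))   # the garbled-looking base64 line
    print(text)                  # the decoded quote
```

Two points carry over to the real tool. First, the LSB change is invisible to the eye but not to statistics, which is how steganalysis tools detect embedded data, and steghide's own embedding is designed to be harder to spot than plain LSB replacement. Second, the checksum here exposes four bytes of a hash of the plaintext; it is fine for a demonstration of passphrase checking but a production scheme would authenticate the ciphertext with a keyed MAC instead.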
End
In this course, you have learned techniques that hackers use to hack secrets: cracking password hashes and an SSH key passphrase with John the Ripper, supplying your own wordlist, extracting data hidden in an image with steghide, and decoding the base64 message that came out of it.
Hope you had fun learning! :-)