Siunam's Website

My personal website

Home About Blog Writeups Projects E-Portfolio



Something about this audio is pretty sus

Author: gsemaj

Difficulty: Easy

Find the flag

In this challenge, we can download a file:

└─# file sus.wav 
sus.wav: RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 48000 Hz

Hmm… A sound file.

Let’s fire up Audacity to find anything weird:

└─# audacity sus.wav

Nothing weird here. Let’s switch to Spectrogram mode:

Still no dice.

Then, after I banging my head against the wall, I googled about audio steganography:

Let’s look at this Medium blog!

Hmm… Using LSB algorithm to hide hidden messages??

Let’s copy and paste that to our attacker machine!

#!/usr/bin/env python3

import wave
song ="sus.wav", mode='rb')
# Convert audio to byte array
frame_bytes = bytearray(list(song.readframes(song.getnframes())))

# Extract the LSB of each byte
extracted = [frame_bytes[i] & 1 for i in range(len(frame_bytes))]
# Convert byte array back to string
string = "".join(chr(int("".join(map(str,extracted[i:i+8])),2)) for i in range(0,len(extracted),8))
# Cut off at the filler characters
decoded = string.split("###")[0]

# Print the extracted text
print("Sucessfully decoded: "+decoded)

Run that script!

└─# python3
Sucessfully decoded: buckeye{4y000_p1nk_100k1n_k1nd4_5u5_th0}buckeye{4y000_p1nk_100k1n_k1nd4_5u5_th0}buckeye{4y000_p1nk_100k1n_k1nd4_5u5_th0}buckeye{4y000_p1nk_100k1n_k1nd4_5u5_th0}buckeye{4y000_p1nk_100k1n_k1nd4_5u5_th0}buckeye{4y000_p1nk_100k1n_k1nd4_5u5_th0}buckeye{4y000_p1nk_100k1n_k1nd4_5u5_th0}buckeye{4y000_p1nk_100k1n_k1nd4_5u5_th0}[...]

We got the flag!


What we’ve learned:

  1. Audio Steganography