Showing posts from April, 2018

The Audacity of Some CTFs

I have stumbled across a few audio files while competing in CTFs over the last few years and I thought covering spectrograms would make a nice and quick blog post.

Flags can manifest themselves in many ways when dealing with media files. One of the most common ways I have seen is by hiding them, or clues to find them, in the file's audio spectrogram.

According to wikipedia: "a spectrogram is a visual representation of the spectrum of frequencies of sound, or other signals, as they vary with time." Basically, it is a method to visualize sound and signals.

I first learned that you can embed hidden messages and images in a spectrogram when a friend showed me an image from an Aphex Twin song some years ago.

Equation by Aphex Twin

Many years later, I applied this knowledge to the SANS 2015 Shmoo Challenge.

During this event, I extracted shmooster.mp3 from svn_2015.dump and noticed some interesting beeps and boops at the end of the audio. At this point I installed sonic-visual…

Hello World

Welcome Thrillhouse Group is a hacking team based out of North Carolina. We do CTFs and writeup some of our findings.

You can find me on twitter @strupo_

- strupo_