Showing posts from April, 2018

The Audacity of Some CTFs

I have stumbled across a few audio files while competing in CTFs over the last few years and I thought covering spectrograms would make a nice and quick blog post. Flags can manifest themselves in many ways when dealing with media files. One of the most common ways I have seen is by hiding them, or clues to find them, in the file's audio spectrogram. According to wikipedia: "a spectrogram is a visual representation of the spectrum of frequencies of sound, or other signals, as they vary with time." Basically, it is a method to visualize sound and signals. I first learned that you can embed hidden messages and images in a spectrogram when a friend showed me an image from an Aphex Twin song some years ago. Equation by Aphex Twin Many years later, I applied this knowledge to the SANS 2015 Shmoo Challenge . During this event, I extracted shmooster.mp3 from svn_2015.dump and noticed some interesting beeps and boops at the end of the audio. At this point I instal

Hello World

Welcome Thrillhouse Group is a hacking team based out of North Carolina. We do CTFs and writeup some of our findings. You can find me on twitter @strupo_ - strupo_