CTF Support
Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage
  1. CTF Support
  2. /
  3. Steganography
  4. /
  5. Audio Steganography
Edit page

Audio Steganography

Introduction

Audio steganography hides information inside sound files by manipulating either the frequency domain (spectrogram) or the sample data (LSB).

In CTF challenges, hidden data may appear visually in a spectrogram or may need to be extracted from the waveform itself.

Common techniques:

  • Spectrogram encoding: text or images are modulated into frequencies.
  • Least Significant Bit (LSB): tiny bit changes inside PCM samples carry a binary payload.
  • Appended data: extra files hidden after the audio data.

Quick Reference

  • View spectrogram: Audacity -> View -> Spectrogram
  • View spectrogram (alternative): Sonic Visualiser -> Layer -> Add Spectrogram
  • Extract LSB data: stegolsb wavsteg -i input.wav -o output.txt -b 100
  • Inspect with binwalk for appended files: binwalk sound.wav
  • Search raw strings: strings sound.wav

Tools

Tool Purpose
Audacity Free, cross-platform audio editor that can display frequency-domain spectrograms. Excellent for spotting hidden messages visually.
Sonic Visualiser Dedicated waveform and frequency viewer for deeper spectral inspection and multichannel analysis.
stegolsb Command-line utility to encode or decode information from audio using Least Significant Bit manipulation. Ideal for .wav files.
strings, xxd, binwalk Raw data inspection and extraction of appended payloads.

Spectrogram Analysis

In many cases, the flag will appear as text or a visible structure in the spectrogram.

Method 1: Audacity

  1. Open the audio file (File -> Open).
  2. Click on the track name -> Spectrogram View.
  3. Adjust the scale via Spectrogram Settings for better contrast.
  4. Look for visible text, patterns, or QR codes.
Spectrogram View in Audacity
Spectrogram View in Audacity

Method 2: Sonic Visualiser

  1. Open file and select Layer -> Add Spectrogram.
  2. Use color maps to enhance visual clarity.
  3. Export frame regions if required.

LSB Extraction

If nothing appears in the spectrogram, check for bit-level payloads.

stegolsb can extract raw binary embedded in waveforms.

Example usage:

stegolsb wavsteg -i sound.wav -o output.txt -b 100

Options:

  • -i: input WAV file
  • -o: output destination
  • -b: number of bytes to extract

Once extracted, inspect the result with file, open it as text, or use xxd to interpret the data.

Tips

  • Always check file metadata using exiftool sound.wav, sometimes clues reside in metadata.
  • Spectrogram hints might direct you to LSB extraction or another method.