CTF音频隐写

作者: Leena_c9a7 | 来源:发表于2025-09-22 10:56 被阅读0次

图片隐写及BinWalk识别隐藏数据
CTF之隐写
CTF隐写挑战
CTF隐写工具
Stegano隐写-流量分析
ctf图片隐写，winhex
CTF隐写术详解
Stegano 3个音频隐写
隐写术总结--CTF指南
CTF之隐写术笔记

1.波形使用工具：Audacity
如上下上下有规律的波形，0101这样的可能是摩斯密码，或者转换01二进制，也许还有可能是二维码？
2.频谱图使用工具：Audacity
切换到频谱就能看到flag
3.mp3隐写使用工具：MP3stego
这个需要密码，可以在别处找一下hint，有可能是题目名称或者其他提示。
遇到过一个提示密码是100-1300之间的数字的题目，需要写脚本爆破。（ps.爆破不一定有唯一的密码，建议全都遍历一遍看看符合的flag是什么。贴一下这个代码

import subprocess
import os

# 生成密码字典（1000-1300）
with open("pwd.txt", "w") as f:
    for i in range(1000, 1301):
        f.write(str(i) + "\n")

# 记录破解结果
success_passwords = []
success_files = []

print("开始破解music.mp3...")
print("=" * 50)

# 尝试破解music.mp3
with open("pwd.txt", "r") as g:
    for password in g:
        password = password.strip()  # 去除换行符
        command = f"Decode.exe -X -P {password} music.mp3"
        print(f"尝试密码: {password}")
        print(f"执行命令: {command}")
        
        # 执行解密命令
        s = subprocess.Popen(command, shell=True, 
                            stdout=subprocess.PIPE, 
                            stderr=subprocess.PIPE,
                            stdin=subprocess.PIPE)
        
        # 获取命令输出
        stdout, stderr = s.communicate()
        output = stderr.decode("gbk")
        print(output)
        
        # 检查是否解密成功
        if "unexpected end of cipher message" not in output:
            print(f"✓ 密码 {password} 可能解密成功！")
            success_passwords.append(password)
            
            # 尝试读取解密后生成的文件
            decrypted_files = []
            
            # 检查可能的解密文件名
            possible_files = [
                "music.mp3.txt",
                f"music_{password}.txt", 
                f"decrypted_{password}.txt",
                "output.txt"
            ]
            
            for filename in possible_files:
                if os.path.exists(filename):
                    try:
                        with open(filename, "r", encoding='utf-8') as flag:
                            content = flag.read()
                            print(f"找到解密文件: {filename}")
                            print("解密内容:")
                            print(content)
                            print("-" * 30)
                            
                            success_files.append({
                                'password': password,
                                'filename': filename,
                                'content': content
                            })
                            decrypted_files.append(filename)
                    except Exception as e:
                        print(f"读取文件 {filename} 时出错: {e}")
            
            if not decrypted_files:
                print(f"密码 {password} 显示成功但未找到解密文件")
        else:
            print(f"✗ 密码 {password} 错误")
        
        print()  # 空行分隔每次尝试

print("=" * 50)
print("破解完成！")
print(f"总共尝试了 301 个密码")

# 输出总结报告
if success_passwords:
    print(f"\n🎉 找到 {len(success_passwords)} 个可能正确的密码:")
    for pwd in success_passwords:
        print(f"  - {pwd}")
    
    if success_files:
        print(f"\n📁 成功解密的文件 ({len(success_files)} 个):")
        for file_info in success_files:
            print(f"  密码: {file_info['password']}")
            print(f"  文件: {file_info['filename']}")
            print(f"  内容: {file_info['content'][:100]}..." if len(file_info['content']) > 100 else f"  内容: {file_info['content']}")
            print()
else:
    print("\n❌ 未找到正确的密码")

print("所有密码尝试完毕！")

4.wav隐写工具：silenteye