For this challenge, we are given a website which is playing the 2001: A Space Odyssey soundtrack.

Looking at the source code, we find the soundtrack file, 2001.mid.

One way to hide messages in MIDI files is using the "Program change" message. This is a type of event which does not correspond to any audio, but instead is used to control device configurations.

We downloaded stegano_midi, a program which performs MIDI steganography using the method mentioned above. We made it into an executable, and used the command stegano_midi --reveal --file=2001.mid to reveal the message hidden in the file, if any.

Fortunately, we obtained a base-64-encoded string, which, when decoded, resulted in the flag.

Original writeup (https://github.com/SababaSec/ctf-writeups/tree/master/2019/Reply-Cyber-Security-Challenge/MISCELLANEOUS/Deep%20mid-space).