A problem that encodes the flag into wave file.
This problem consists of two parts:
- Obtain the code from wav file
- Decode
Obtain the code from wav file
I used dtmf-decoder that extract the tone dialing as decimal.
I already have Python3 environment and I don’t want to mess it up. I made a modification of its installation.
$ git clone https://github.com/ribt/dtmf-decoder.git
$ cd dtmf-decoder/
$ python3 -m pip install -r requirements.txt --upgrade
$ chmod +x dtmf.py
$ cp dtmf.py ~/bin/dtmf
Then I simply run the command and obtain the code.
$ dtmf you_know_what_to_do.wav
Decode
The obtained code is a series of decimals and we want to split it into ascii
code. However, the problem is how to tokenize it though we know each token
should be in the range of 0 to 127. Let’s say we have 1081. It can be either
10 and 81 or 108 and 1. The answer was in the audio file itself. There
are pauses between numbers, which indicates the separator.
After tokenizing, we can use printf '%x' to convert into hex and xxd to
convert them into ascii encoded string.
$ printf '%x' 67 84 70 108 101 97 110 123 67 82 89 80 84 79 71 82 65 80 72 89 125 | xxd -r -p
CTFlean{CRYPTOGRAPHY}%
Takeaways
It is interesting how the problem author embedded information into an audio file. It requires me to not only finding the tool to decode but also look at (listen to) the original input. I heard a lot that it is important to have “attention to detail” in cybersecurity domain. This is the good example. This problem has also helped me to write xxd one-liners.