CTFtime.org

Audio misc challenge

by notmari / Hidden Issue

Tags: miscellaneous forensics 

Rating:

## Audio misc challenge

---

#### Description:
*My friend Martin, a radio enthusiast, is on a trip to Europe. He promised
me a picture of a place he liked a lot, but instead of images, he sent me only
an incomprehensible audio! Can you help me, please?*

*The flag must be submitted in srdnlen{} format: wrap the found flag in
srdnlen{}*

*The flag is a meaningful sentence.*

**Attachment:** [challengeAudio.wav](https://github.com/marihere/CTF_writeups/blob/main/SrdnlenCTF2023/Audio%20misc%20challenge/challengeAudio.wav)

---

By reading the description we can find two big hints: the friend’s name is **Martin** and he is a **radio enthusiast**. This information is very helpful because – if we have any previous experience with SSTV (Slow-Scan Television) – we can already tell that it is, in fact, an **SSTV audio** created using the **Martin mode**.

In case we couldn’t already tell, in the file’s **EXIF data** we can find this comment: *SGludCA6IFNsb3cgU2xvdyBSYWRpbyBUcmFuc21pc3Npb24g*

If we decode this string from Base64, we get: *Hint : **Slow Slow Radio
Transmission***

Wikipedia shows this definition of what SSTV is:
*Slow-scan television (SSTV) is a picture transmission method, used mainly by amateur radio operators, to transmit and receive static pictures via radio in monochrome or color.*

So, what do we do now? It’s simple, we need a decoder to show us what
is the image!

For this challenge, I used a program called **QSSTV**, which is an SSTV open-source software, and, after decoding the WAV audio, it showed me an image in which we can see the Sardinian flag and a string in front of it, *{MQ}4Af,T5q7JHx*.

At first, I didn’t know what this string meant... *I thought, maybe it is
a crypted message containing the flag?* But after trying out various methods
of decyphering and decoding, none of them seemed to give me a result so I
just gave up.

Then, I started analyzing the file and I found a hidden RAR archive thanks to **binwalk**. I tried opening it but it was protected by a password... Then, I tried using the string
I saw on the image and... Bingo! I found an image containing the flag. I just had to
copy it and wrap it in the flag format (srdnlen{}).

*Please check out [my writeup on GitHub](https://github.com/marihere/CTF_writeups/tree/main/SrdnlenCTF2023/Audio%20misc%20challenge) for the images and references.*

---

The flag is:
### srdnlen{Wh4t_4_W0nd3rful c1ty!!!}

Original writeup (https://github.com/marihere/CTF_writeups/tree/main/SrdnlenCTF2023/Audio%20misc%20challenge).

Comments