📖
CTF Wiki
  • 🚩Arne's CTF Writeups!
  • 2025
    • TUCTF
      • Forensics - Security Rocks
  • 2024
    • Lexington CTF
      • Misc - a little bit of tomcroppery
    • Imaginary CTF
      • Web - Journal
    • Space Heroes CTF
      • Web - Antikythera
    • HTB Cyber Apocalypse
      • Pwn - Sound of Silence
      • Misc - MultiDigilingual
  • 2023
    • NahamConCTF
      • Mobile - Red Light Green Light
    • BucketCTF
      • Rev - Schematic
      • Rev - Random security
    • HTB Cyber Apocalypse
      • Rev - Cave System
      • Rev - Somewhat Linear
      • Pwn - Void
  • 2022
    • DownUnderCTF 2022
      • Cloud - Jimmy Builds a Kite
    • Ã¥ngstromCTF 2022
      • Pwn - really obnoxious problem
      • Pwn - whatsmyname
    • Engineer CTF
      • Misc - Not really random
      • Misc - Broken Pieces
    • KnightCTF 2022
    • HTB CTF: Dirty Money
      • Forensics - Perseverance
  • 2021
    • MetaCTF CyberGames 2021
    • HTB - Cyber Santa
      • RE - Infiltration
    • Securebug CTF Thor 2021
      • Web - Tricks 1
      • Web - Tricks 2
      • RE - Hidden in Plain Sight
    • TFC CTF 2021
      • RE - Crackity
      • Pwn - Jumpy
      • Misc - Weird Friend
    • K3RN3L CTF 2021
      • Crypto - Pascal RSA
    • DamCTF 2021
      • Misc - library-of-babel
      • Pwn - cookie-monster
    • Killer Queen CTF 2021
      • Pwn - Tweety Birb
      • Forensics - Tippy Tappies
      • Pwn - I want to break free
    • BuckeyeCTF 2021
      • Web - pay2win
      • Misc - USB Exfiltration
Powered by GitBook
On this page
  • Description
  • Downloads
  • Solution
  1. 2021
  2. Killer Queen CTF 2021

Forensics - Tippy Tappies

118 solves | 257 points

Last updated 3 years ago

Description

wow they must be using a really old phone (wrap number in kqctf{} flag wrapper)

Downloads

Solution

My first instinct when given a .wav file was to run it through the standard steganography tools. The list of tools I tried was:

  • Binwalk

  • Exiftool

  • Strings

  • Steghide

  • Wavsteg

  • Sonic visualizer

By using the command: dtmf -v -t 15 tippytappiesbutmobile.wav

We get the above decoding. Now wrap the numbers in the flag format and we get:

Flag: kqctf{4716097646384761}

Unfortunately, none of these tools gave any lead. So I proceeded to listen to the .wav file manually to understand what is going on. Turns out, at around 0:20 seconds of the audio file, the caller (presumably) was asked to dial in their credit card number. Reversing the dial tone back to its corresponding number manually proved to be really difficult but fortunately, there's an abundance of Dual tone multi frequency (DTMF) decoder out there to do it for us. The tool that we will use is:

https://github.com/KFSPC8/dtmf-decoder
6MB
tippytappiesbutmobile.wav