Razi CTF - Writeup
FORE File provided by the challenge contained a pcap file . the hint was pretty obvious. So loading up the pcap with Wireshark and applying the filter "http.content_type matches "audio/*" gave the following result Following the TCP stream, gives us the link !! http://www.coca.ir/ey-iran-gholamhossein-banan-music/ The flag for this is RaziCTF{ http://www.coca.ir/ey-iran-gholamhossein-banan-music/} CYBERCRIME Tricky , but simple .. google search reveals the following link https://twitter.com/kvbNDtxL0kmIqRU/status/1052074801433595904 The flag for this CTF is RaziCTF{ @kvbNDtxL0kmIqRU} CLICHE File provided by the challenge was a .wav file. It wasn't comprehensible. After running tools like exiftool and binwalk, I knew for sure that the flag wasn't hidden in the file itself. Finally I decided to check the .wav file with qsstv software. This is what I got: The software was able to map the text using the .wav file. And we got the flag! RaziCTF{h0w_y0u_d0in}