Hack.lu CTF Challenge — Callboy
Challenge Type : Misc
Requirements : Wireshark & pcap
Task:
Have you ever called a Callboy? No!? Then you should definitely try it. To make it a pleasant experience for you, we have recorded a call with our Callboy to help you get started, so that there is no embarrassing silence between you.
PS: do not forget the to wrap flag{} around the secret
To get started, open the Callboy.pcapng in Wireshark. In there you will notice a Protocol called RTP - Real-Time Transport Protocol. "RTP is a network protocol for delivering audio and video over IP networks. RTP is used in communication and entertainment systems that involve streaming media, such as telephony, video teleconference applications including WebRTC, television services and web-based push-to-talk features. "
Download the Callboy.pcapng from the competition website or you can download the file using the link given below,
Open it using the following command in your terminal,
unknown@kali:~/Downloads$ wireshark Callboy.pcapng
This made sense, since the description of the challenge implied, that there is a call, we have to listen to. Then, how are we gonna get the audio from those packet?
This website’s second point “SIP Call analysis” tells us, how we are gonna do that. By following the instructions from Wireshark official website by clicking on “Telephony/Voip Calls” we get this window:
As you can see, there is one call, which lasted 15 seconds. By selecting it and clicking on the play button in the bottom of the window, a nice window appears, where we can play the call.
Sadly enough, we can only play and stop the track in Wireshark, but Wireshark does not pause or resume the track. By clicking on play, the flag reveals itself. Hear the audio and note down the flag played in the audio file.
Hurray, we just found the flag from the juicy Callboy.pcapng file using Wireshark framework,
flag{call_me_baby_1337_more_times}
Thanks for following my blog on Hack.lu Callboy challenge walk-through. Kindly do drop your comments and if you do have an alternative way to find the flag, do comment below. That’s all for today’s challenge, see you again later, Bye.