Wrong Number

Crypto Misc 150 pts Easy

Challenge Information

  • Challenge Name: Wrong Number
  • Category: Crypto, Misc
  • Points: 150 pts
  • Teams Solved: 15
  • Description: "For the past couple of days, don't know who, but a random person calls me. Don't want to talk to him. Can you help me find him?"
  • Files: WrongNumber.zip
  • Flag: EOF{4nd4n_w4_d1nw4v4w}

Solution Methodology

Step 1: Extract and Analyze Archive

unzip -l WrongNumber.zip

Contents:

Archive: WrongNumber.zip
  Length      Date    Time    Name
---------  ---------- -----   ----
      246  2025-10-21 18:39   take_it.zip
 35995736  2025-10-20 13:42   wrong_number.wav
---------                     -------
 35995982                     2 files

Two files found:

  • wrong_number.wav - An audio file (~36 MB)
  • take_it.zip - A small encrypted zip file (246 bytes)

Step 2: Analyzing the Audio File

Upon listening to the song, the number 2441139 was embedded in the lyrics!

This was straightforward - no need for DTMF decoding, spectrograms, or complex audio analysis. The password was simply sung as part of the song lyrics.

Step 3: Extracting the Encrypted Zip

unzip take_it.zip

Output:

Archive: take_it.zip
  skipping: finally.txt    unsupported compression method 99

Understanding Compression Method 99:

Compression method 99 indicates AES encryption in ZIP files. The standard unzip command doesn't support this, so we need to use 7-Zip.

Step 4: Using 7-Zip with Password

7z x take_it.zip -p2441139

Success! The zip extracted a file called finally.txt.

Step 5: Reading the Flag File

cat finally.txt

Output:

YIZ{4hd4h_x4_d1hx4v4x}

This doesn't match the expected EOF{...} format, indicating it's encrypted with a substitution cipher.

Step 6: Decrypting the Cipher

Looking at the pattern:

  • YIZ{...} should be EOF{...}
  • This suggests: Y → E, I → O, Z → F
  • This is a Caesar/ROT cipher with a shift

Calculating the Shift:

Y (position 25) → E (position 5) = shift of -20 (or +6)

Decoding with ROT-20:

Input:  YIZ{4hd4h_x4_d1hx4v4x}
Output: EOF{4nd4n_w4_d1nw4v4w}

Flag: EOF{4nd4n_w4_d1nw4v4w}

Key Insights

Multi-Stage Challenge

  1. Audio analysis to find password
  2. AES-encrypted ZIP extraction
  3. Caesar cipher (ROT-20) decryption

Tools Used

  • unzip - Archive inspection
  • 7z - AES-encrypted ZIP extraction
  • Audio player - Listen for password in lyrics
  • CyberChef / ROT decoder - Caesar cipher decryption

Summary Table

Step Action Result
1 Extracted WrongNumber.zip Found wrong_number.wav and take_it.zip
2 Listened to audio for password Got password: 2441139
3 Extracted AES-encrypted zip with 7-Zip Obtained finally.txt
4 Decrypted ROT-20 cipher Retrieved final flag