Tags: morse 

Rating:

First, let's visit the website and enter the credentials that they gave us.
Once we've done that it tells us that we can visit `/home`. Let's do that.

When we do that, we're brought to a waitlist page. We don't see much interesting, except some morse code that alerts "HEHEHAW" if you click on it. That's suspicious (or sus, if you aren't tired of Among Us yet). Maybe it's part of the solution? We'll have to see.

Also, it says that the **web developers** have made the game early access. Hmm. Maybe it's hidden on the page?

Well, since there's nothing else interesting from the rendered webpage, let's look at the source code. There's a bunch of code for the website...then we see this:
```html


?Welcome early-access testers!!!? Download our game here!


```
We've found more info (and the game)! Let's go download the game and ~~play it~~ look at what it does.
Let's download the game. Wait, why does it have a PyInstaller icon?

![Application Info viewing PyInstaller icon](https://i.ibb.co/gDwyFMh/image.png)

That's weird, maybe it was made into a `.exe` with PyInstaller?
Let's run the game now:

![Trash Royale game with PyGame logo in top left corner](https://i.ibb.co/fX9BdrG/image.png)

Wait, there's a Pygame logo too! So this is a game made with Pygame compiled with PyInstaller. This makes our job reverse engineering it a lot simpler since we know how it was compiled.

Now let's do the fun part, playing the game. Let's use the controls on the page and play it. It wasn't that hard for me and I haven't ever played Clash Royale before, but YMMV.

If you win, we hear a very obnoxious "heheheha" sound, but it sounds kind of weird. It sounds like someone randomly put together "he"s and "ha"s instead of the regular sound. That's strange, maybe it's some kind of steganography?

Well, since there's nothing else to do in the game, let's try decompiling it. Using our google skills, you can find that you can use [pyinstxtractor](https://github.com/extremecoders-re/pyinstxtractor) to decompile it.

After you download the script and decompile it, we can look inside the program and its data.
Let's look through the files and see if there's anything interesting. Wait, there's a file named `flag.mp3` in the `assets` directory!

When we open it, we hear the same "heheheha" sound. Now we need to figure out how to decode or extract information from this.

There isn't much other information that we can find, so let's think about what we have. Well, we did have that morse code with "HEHEHAW" at the beginning so maybe it's morse code? It makes sense, since there are two sounds, "HE" and "HA", and stops between them.

We need to map this to morse code, then we can just decode it! "HA" sounds longer and more like a dash, so "HE" is probably a dot.

Now we just need to transcribe it. If it's too fast, you could try slowing it down with whatever app or tool is convenient or easy to use. It's important to go slow and get it accurate.

Once we do this and convert it, we get that the text hidden in the audio is `H3H3H3H4WTHREECROWN`. Now the CTF problem tells us to wrap it in `LITCTF{}`. After we do that, we get the flag! It's `LITCTF{H3H3H3H4WTHREECROWN}`.