Tags: mobile forensics android 

The first step is to try to play the wav file. When we try, we see that it cannot be played. Usually my first step is to either run `file filename.wav` to see what we are working with or to open the file in a hex editor (I use the one provided in VS Code). Opening it in a hex editor, we see that the magic number (file signature) is that of a PNG.

![low_effort_hex](https://jaedyno15.github.io/ctf_writeup/assets/images/sunshine/hex_editor_low_effort.png)

We can then change the file extension from *.wav* to *.png*. Now if we try to open the file, we see an image of a Discord conversation.

![discord_chat](https://jaedyno15.github.io/ctf_writeup/assets/images/sunshine/low_effort_discord.png)

I have solved a similar challenge and recognized that this is an [aCropalypse][aCropalypse] exploit for Android devices, where a screenshot that has been edited (using Android's markup tools) can be reconstructed. All we need to know is the type of phone that this screenshot is from, and then we can put it into the online tool [acropalypse.app][acropalypse.app]. To find the phone model we can either run `exiftool filename` or `strings filename`. Exiftool will usually be more helpful, but for this challenge both work.

{% highlight bash %}
exiftool low_effort.png
Unique Camera Model : Google Pixel 7

strings low_effort.png

jeXIfMM
Google Pixel 7
IDATx
{% endhighlight %}

Both tell us that the model is a Pixel 7, which we can enter into the tool, and it will return an image containing the missing parts.

![low_effort_flag](https://jaedyno15.github.io/ctf_writeup/assets/images/sunshine/low_effort_flag.png)

Now we have the flag: *sun{well_that_was_low_effort}*
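
The recovery works because the markup tool overwrote the original screenshot without truncating it, so the edited PNG is followed by leftover bytes of the original file after its `IEND` chunk. The script below is an added example, not part of the original writeup: it performs the same signature check done in the hex editor and then walks the PNG chunks to count bytes after `IEND`. The sample file is constructed inline, and the names `png_trailing_bytes`, `triage` and `make_sample` are illustrative.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"  # the 8-byte PNG file signature

def png_trailing_bytes(data):
    """Walk the chunks and return how many bytes follow the first IEND."""
    if not data.startswith(PNG_SIG):
        raise ValueError("not a PNG: signature mismatch")
    pos = len(PNG_SIG)
    while pos + 12 <= len(data):  # 4 length + 4 type + 4 CRC at minimum
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 12 + length
        if end > len(data):
            raise ValueError("truncated chunk")
        body = data[pos + 8:end - 4]
        (crc,) = struct.unpack(">I", data[end - 4:end])
        if zlib.crc32(ctype + body) != crc:
            raise ValueError("bad CRC in chunk %r" % ctype)
        pos = end
        if ctype == b"IEND":
            return len(data) - pos
    raise ValueError("no IEND chunk found")

def triage(name, data):
    """Return findings for one file: wrong extension, data after IEND."""
    if not data.startswith(PNG_SIG):
        return ["not a PNG"]
    findings = []
    if not name.lower().endswith(".png"):
        findings.append("extension does not match PNG signature")
    extra = png_trailing_bytes(data)
    if extra:
        # Any appended data triggers this; it is an indicator, not proof.
        findings.append("%d bytes after IEND" % extra)
    return findings

def _chunk(ctype, body=b""):
    crc = struct.pack(">I", zlib.crc32(ctype + body))
    return struct.pack(">I", len(body)) + ctype + body + crc

def make_sample(trailing=b""):
    """Constructed 1x1 grayscale PNG, optionally with bytes after IEND."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    idat = zlib.compress(b"\x00\x00")  # filter byte + one pixel
    return (PNG_SIG + _chunk(b"IHDR", ihdr) + _chunk(b"IDAT", idat)
            + _chunk(b"IEND") + trailing)

if __name__ == "__main__":
    # Constructed stand-in for the challenge file, not the real one.
    print(triage("low_effort.wav", make_sample(b"leftover image data")))
```

A screenshot re-saved by a fixed editor, or one that has been re-encoded before sharing, reports zero trailing bytes.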

[aCropalypse]: https://en.wikipedia.org/wiki/ACropalypse
[acropalypse.app]: https://acropalypse.app/

Original writeup (https://jaedyno15.github.io/ctf_writeup/2023-10-09-low_effort_wav_sunshine/).