Photo by Eirik Solheim at UNSPLASH

The Seint's Christmas CTF — Part 2

If you want to see Part 1 of this walkthrough, you can find it here. Spoilers ahead!

Part 2 of The Seint’s challenge would have been a real head-scratcher for me if it hadn’t appeared in a puzzle before. Here’s the text in step2.txt:

The next message I got from my friend was strange. I think there was something wrong with her phone. The message I got was just "Going to 727774447777". Did she want to type a phone number or something was wrong with her phone? Could that be the hint to find the clue to her next location? 

The place she was travelling to (lowercase -> hash) is the password.

That doesn’t look like any phone number I’ve ever seen, but the mention of a phone is a big hint! Unfortunately, many of The Seint’s readers may not be old enough to remember phones that looked like this:

Nokia 3310

(I used to tweet with a phone like this!)

When sending SMS, or writing contact names, we used to have to tap a number key repeatedly to get the right letter. For example, tapping ‘7’ once gave us ‘P’, but tapping it three times gave us ‘R’. With that information, it should be easy to work out what the numbers represent, and we can get our MD5 hash.

The Multi-tap Phone Cipher

If you ever get a longer string of numbers to decrypt, you might want to automate things. There is no Operation in CyberChef for this type of cipher, but luckily CyberChef isn’t the only game in town, and we can use the French dCode site, which has such a decoder (and encoder in case you ever want to set your own fun puzzles).

Screenshot of dcode.fr

And with that, we’re off to Part 3!