feat: add hells-hex-station challenge

hells-hex-station/README.md

@@ -0,0 +1,10 @@
+# Hell's Hex Station
+## Difficulty
+Medium
+## Text
+Mein Fraulein,
+I haven't heard from you in a while. Won't you write me?
+## Files
+[recording.wav](recording.wav)
+## How to deploy
+n/a

hells-hex-station/SOLUTION.md

@@ -0,0 +1,45 @@
+# Hell's Hex Station
+## Difficulty
+Medium
+## Category
+Forensics
+## How To Solve
+The title is a reference to [Rudolf Hell](https://en.wikipedia.org/wiki/Rudolf_Hell) (inventor of the _"Hellschreiber"_), the [hexadecimal system](https://en.wikipedia.org/wiki/Hexadecimal), and [numbers stations](https://en.wikipedia.org/wiki/Numbers_station). The description of the challenge is a reference to [a 2006 talk at DEF CON](https://youtu.be/OOxW4VNuHf0) and also references the recurring German theme of this challenge.[^1] 
+
+The provided `.wav` file starts with the same tune as [the "Lincolnshire Poacher" numbers station](https://en.wikipedia.org/wiki/Lincolnshire_Poacher_(numbers_station)), followed by a voice repeating `CP437`, and ends with a pattern of beeping sounds. Using `exiftool` to look at the metadata of the audio file, we get the following output (_only relevant values are shown below; the irrelevant values are excluded_):
+
+[^1]: The "Mein Fraulein" description, Rudolf Hell being a German engineer, and the correct flag of this challenge containing a `ß`.
+
+```text
+$ exiftool recording.wav
+
+⋯
+Comment     : FELDHELL freq=14071.500
+Software    : fldigi-4.1.06 (libsndfile-1.0.28)
+⋯
+```
+
+The `Comment` and `Software` values bring us closer to the solution: the noise that makes up the bulk of the `.wav` file is ["Hellschreiber"](https://en.wikipedia.org/wiki/Hellschreiber) in Feld Hell mode, a technique developed in 1927 by Rudolf Hell and currently in use by Ham radio hobbyists.[^2]
+
+[^2]: http://www.w1hkj.com/modes/feld.htm
+
+We can use [`fldigi`](https://en.wikipedia.org/wiki/Fldigi) to decode the beeping, as the application contains Feld Hell as one of their [supported digital modes](https://en.wikipedia.org/wiki/Fldigi#Supported_digital_modes). After installing and opening `fldigi`, we change to the correct operational mode through `"Op Mode → Hell → Feld Hell"` and load in our `.wav` file through `"File → Audio → Playback"`. In the waterfall view on the bottom of the screen, we select the area that lights up when the beeping begins. Below, you can see a screenshot of the `fldigi` program, around a minute after loading the `.wav` file. A list of numbers in hexadecimal representation (referenced by the title of this challenge) appear on screen:
+
+![A screenshot of the `fldigi` program, a minute after loading the provided `.wav` file. A list of numbers appeared on the screen.](fldigi.png)
+
+```text
+49 47 43 54 46 7b 48 33 4c 4c e1 43 48 52 33 31 42 33 52 21 7d
+```
+
+Now, we could use any tool to transform a list of hexadecimal numbers to a string of characters. The simplest way of decoding this would be through [CyberChef](https://gchq.github.io/CyberChef/). After giving our list of numbers as input, we can pick the `"From Hex"` recipe or choose "Magic" and provide `IGCTF` as the crib (which attempts to automatically detect the encoding of the data). This gives us the following output:
+
+```text
+IGCTF{H3LLáCHR31B3R!}
+```
+
+**This is <u>not</u> the correct flag, however!** The provided `.wav` file specifically mentioned [`CP437`](https://en.wikipedia.org/wiki/Code_page_437), which is the correct character encoding. Using Python (or any other programming language or tool that allows us to use `CP437`), we can easily obtain the correct flag:
+
+```python
+>>> bytes.fromhex(hex_string).decode("cp437")
+'IGCTF{H3LLßCHR31B3R!}'
+```