The Impossible Challenge

Hmm
Difficulty: Medium
Room: The Impossible Challenge
Created by: 0day
Decoding the cipher
Examining the page leaves us with what looks like a cipher.
|
|
The order to decode the hint:
- ROT13
- ROT47
- HEX
- Base64

The hint is: It’s inside the text, in front of your eyes.
Impossible.zip
Basic enumeration on the zip with file
, binwalk
, etc only reveals it’s just a password protected zip containing a file flag.txt
. There must be more to the page. If I know one thing about tryhackme there’s a lot of steg challenges. Our hint is it’s in front of our eyes but what does that mean? Hmm maybe steg?

Unicode zero-width characters steg
Like they say.. you don’t know what you don’t know. I was hitting a wall with this challenge and decided to start googling as a last ditch effort.
Ironically searching hide text 2 characters with spaces
I get a suspicious first result. Upon further investigation I decided to go down this route.

Googling some more I found a lot of online js webapps, python libraries, and even chrome and firefox extensions regarding zero width character steganography.
After installing this chrome extension I noticed something interesting on the page. There are a few browser extensions I stumbled on. They are highlighted in the Null Byte article and the accompanying Cyber Weapons Lab Episode below.

What I used to solve the challenge
330k's webappAfter finding the hidden text on the page we get the password to the zip and can read flag.txt.
Explanation
The_Hoid, a writer for Null Byte did a great job explaining this topic so I’ll leave you with his article and the Cyber Weapons Lab Episode.
Use Zero-Width Characters to Hide Secret Messages in Text (& Even Reveal Leaks) - Null Byte
/etc/takeaways
This was a fun challenge from 0day. My key takeaway from this challenge is never under estimate googling like a five year old. At very least it could present a new topic that might be worth exploring to add to your knowledge or something to put in your notes to explore later. Enjoy hiding messages!