The Impossible Challenge

‌‌‌‌‍‌‌Hmm‌‌‌‌‍‬‌‍‌‌‌‌‍‌‌‌‌‌‍‌‌‌‌‌‍‍‌‌‌‌‍‬‌‌‌‌‍‌‬‌‌‌‌‍‬‍‌‌‌‌‌‌‬‌‌‌‌‌‌‍‬‬‍‌‌‌‌‍‌‌‌‌‌‌‬‌‌‌‌‌‌‍‬‬‌‌‌‌‌‍‬‌‍‌‌‌‌‍‬‬‌‌‌‌‌‍‬‌‍‌‌‌‌‍‬‍‍‌‌‌‌‍‬‬‌‌‌‌‍‌‌‌‌‌‌‍‬‬

Difficulty: Medium

Room: The Impossible Challenge

Created by: 0day

Decoding the cipher

Examining the page leaves us with what looks like a cipher.

qo qt q` r6 ro su pn s_ rn r6 p6 s_ q2 ps qq rs rp ps rt r4 pu pt qn r4 rq pt q` so pu ps
r4 sq pu ps q2 su rn on oq o_ pu ps ou r5 pu pt r4 sr rp qt pu rs q2 qt r4 r4 ro su pq o5

The order to decode the hint:

  1. ROT13
  2. ROT47
  3. HEX
  4. Base64

The hint is: It’s inside the text, in front of your eyes.
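
The four decoding steps above, written out as an added Python example (not code from the original write-up). The function names `rot47` and `decode_layers` are chosen here, and whitespace in the cipher is assumed to be only a separator between two-character tokens.

```python
import base64
import codecs

# Cipher text from the challenge page; whitespace is only a token separator
# and is removed before the hex step.
CIPHER = (
    "qo qt q` r6 ro su pn s_ rn r6 p6 s_ q2 ps qq rs rp ps rt r4 pu pt qn r4 rq pt q` so pu ps "
    "r4 sq pu ps q2 su rn on oq o_ pu ps ou r5 pu pt r4 sr rp qt pu rs q2 qt r4 r4 ro su pq o5"
)


def rot47(text):
    """Rotate printable ASCII '!'..'~' by 47 places; other characters pass through."""
    return "".join(
        chr(33 + (ord(c) - 33 + 47) % 94) if 33 <= ord(c) <= 126 else c
        for c in text
    )


def decode_layers(cipher):
    """Return the intermediate result after each of the four steps, in order."""
    # 1. ROT13 only touches letters; digits, '`' and '_' are left alone.
    step1 = codecs.decode(cipher, "rot13")
    # 2. ROT47 turns every token into a pair of hex digits.
    step2 = rot47(step1)
    # 3. Hex: drop the separators, then read the digit pairs as ASCII bytes.
    step3 = bytes.fromhex("".join(step2.split())).decode("ascii")
    # 4. Base64: validate=True rejects any character outside the alphabet,
    #    so a wrong step order fails loudly instead of returning garbage.
    step4 = base64.b64decode(step3, validate=True).decode("utf-8")
    return [step1, step2, step3, step4]


if __name__ == "__main__":
    for number, result in enumerate(decode_layers(CIPHER), start=1):
        print(f"step {number}: {result}")
```

Printing every intermediate layer makes it easy to see where the output first becomes recognisable (hex digits after step 2, Base64 text after step 3).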

Impossible.zip

Basic enumeration on the zip with file, binwalk, etc. only reveals it’s just a password-protected zip containing a file, flag.txt. There must be more to the page. If I know one thing about TryHackMe, it’s that there are a lot of steg challenges. Our hint is it’s in front of our eyes, but what does that mean? Hmm, maybe steg?


Unicode zero-width characters steg

Like they say... you don’t know what you don’t know. I was hitting a wall with this challenge and decided to start googling as a last-ditch effort.

Ironically, searching "hide text 2 characters with spaces" I get a suspicious first result. Upon further investigation I decided to go down this route.


Googling some more, I found a lot of online JS webapps, Python libraries, and even Chrome and Firefox extensions for zero-width character steganography.

After installing this Chrome extension, I noticed something interesting on the page. There are a few browser extensions I stumbled on. They are highlighted in the Null Byte article and the accompanying Cyber Weapons Lab episode below.



What I used to solve the challenge

330k's webapp

After finding the hidden text on the page, we get the password to the zip and can read flag.txt.

Explanation

The_Hoid, a writer for Null Byte, did a great job explaining this topic, so I’ll leave you with his article and the Cyber Weapons Lab episode.


Use Zero-Width Characters to Hide Secret Messages in Text (& Even Reveal Leaks) - Null Byte

/etc/takeaways

This was a fun challenge from 0day. My key takeaway from this challenge is never underestimate googling like a five-year-old. At the very least, it could present a new topic that might be worth exploring to add to your knowledge, or something to put in your notes to explore later. Enjoy hiding messages!