blackSquare [Stego]

edited February 3 in Challenges

I think I got the flag but I'm unsure of the flag format. Anyone has the same problem?

limbernie
Write-ups of retired machines

Comments

  • edited February 3

    All letters are capital (uppercase), no spaces, no underscores: i.e. the flag format is HTB{XXXXXXXXXXXX}. And the size of the flag is 18 characters.

  • Lol. I'm such a fool. Thanks!

    limbernie
    Write-ups of retired machines

  • Man I hate these "GUESS THE FLAG" challenges...

    Hack The Box

  • edited February 4

    @alamot said:
    All letters are capital (uppercase), no spaces, no underscores: i.e. the flag format is HTB{XXXXXXXXXXXX}. And the size of the flag is 18 characters.

    Just to extend on this, the key (assuming HTB{KEY}) is 18 chars, not the entire flag. And yes, there will be guesswork. A lot of it. "Guessing the flag" kept me "entertained" for an hour...

    Edit: apologies if this is a "spoiler", but there is literally no chance at all to stay sane if certain information is not known about the expected output lol

    Hack The Box

  • @Fugl said:
    And yes, there will be guesswork. A lot of it. "Guessing the flag" kept me "entertained" for an hour...

    I keep coming across this and just want to say, again, there is no guesswork if you've fully extracted the data. I fell into the same trap as others initially, using a well known tool, seeing something that looked like the whole picture and wondering why the resulting output was all messed up. Unfortunately the quickest/easiest way is missing some data.

  • tool means ? s......e.jar :)

  • No guesswork here, the only part of the flag missing was because I didn't clean the image enough. The flag's location is pretty easy to find if you read the text and figure out the gaps

    clubby789

    • GCIH
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
  • @alamot said:

    All letters are capital (uppercase), no spaces, no underscores: i.e. the flag format is HTB{XXXXXXXXXXXX}. And the size of the flag is 18 characters.

    If not for this i would have never got it... i had the flag for an hour.

  • Done, No guessing needed.
    Just try to clean the image

    Hack The Box

  • hey, what tools you use for this ? i use a lot of but didn't found anything. the header represent \x00

  • Anyone able to provide a nudge on this one, I've gotten what I think i need out of the image but lacking the knowledge on how to process it.

    Hack The Box

  • edited February 19

    I am relatively new to stego and am trying my hand at the blackSquare challenge. I am only familiar using Forensically, an online web tool that allows you to upload the photo so that you can examine it there. I have a VERY large, messy string, but am wondering what could be next? Any tool recommendations, blog articles, etc. would be appreciated!

  • Anybody willing to PM me tools that they use for these challenges? I use Kali

  • I have not been able to solve this one yet, although keep finding interesting 'things' as I continue down rabbit holes.

    Below is a stego cheatsheet:
    https://pequalsnp-team.github.io/cheatsheet/steganography-101

  • edited February 21

    EDIT: Nevermind, figured it out lol

  • pls someone pm me a good tool for this challenge I used the basic tools but nothing

  • edited February 29

    Interesting challenge. Didn't use anything special, but started to go down the py.....ct hole to try saving time. Never got the "easy" way to work, but if anyone did, please PM me the info! I'd very much appreciate it for saving time in the future. :)

    Either way, no guesswork needed to find the flag. A CTF mentality really helps you cut through the noise.

  • Got the flag (18 characters, all caps) but it is incorrect. Can anyone help me?

  • I´m in the same position
    Find mass capital letter, which making sense, but cant get the correct flag.
    Extracted it manually without scripts, but cant find hints about flaglenght or something.
    Dont want to brute force it.
    Any hints to get it?

  • Type your comment> @ConradoDomingo said:

    Got the flag (18 characters, all caps) but it is incorrect. Can anyone help me?

    Got it anyway. Good luck!

  • Type your comment> @davihack said:

    Done, No guessing needed.
    Just try to clean the image

    Hack The Box

    Is there a "standard" way to do this? I found interesting stuff ... but I am not sure how to isolate the stuff better. Can anyone shine some light on this?

  • I dont clean it well enough to see all what I need.
    Dont think, that simple scripts have the ability to do so.

    But if you have done it, the flag is obviously.

  • found something like m**se but i dont know how can ı extract from image

    i try some python script on github but ı cant get result :(

Sign In to comment.