blackSquare [Stego]

I think I got the flag but I’m unsure of the flag format. Does anyone have the same problem?

All letters are capital (uppercase), no spaces, no underscores: i.e. the flag format is HTB{XXXXXXXXXXXX}. And the size of the flag is 18 characters.

Lol. I’m such a fool. Thanks!

Man I hate these “GUESS THE FLAG” challenges…

@alamot said:
All letters are capital (uppercase), no spaces, no underscores: i.e. the flag format is HTB{XXXXXXXXXXXX}. And the size of the flag is 18 characters.

Just to extend on this, the key (assuming HTB{KEY}) is 18 chars, not the entire flag. And yes, there will be guesswork. A lot of it. “Guessing the flag” kept me “entertained” for an hour…

Edit: apologies if this is a “spoiler”, but there is literally no chance at all to stay sane if certain information is not known about the expected output lol

@Fugl said:
And yes, there will be guesswork. A lot of it. “Guessing the flag” kept me “entertained” for an hour…

I keep coming across this and just want to say, again, there is no guesswork if you’ve fully extracted the data. I fell into the same trap as others initially, using a well-known tool, seeing something that looked like the whole picture and wondering why the resulting output was all messed up. Unfortunately the quickest/easiest way is missing some data.

tool means ? s…e.jar :slight_smile:

No guesswork here, the only part of the flag missing was because I didn’t clean the image enough. The flag’s location is pretty easy to find if you read the text and figure out the gaps.

@alamot said:

All letters are capital (uppercase), no spaces, no underscores: i.e. the flag format is HTB{XXXXXXXXXXXX}. And the size of the flag is 18 characters.

If not for this I would have never got it… I had the flag for an hour.

Done, no guessing needed.
Just try to clean the image.

Hey, what tools do you use for this? I use a lot of them but didn’t find anything. The header represents \x00

Anyone able to provide a nudge on this one? I’ve gotten what I think I need out of the image but am lacking the knowledge on how to process it.

I am relatively new to stego and am trying my hand at the blackSquare challenge. I am only familiar with using Forensically, an online web tool that allows you to upload the photo so that you can examine it there. I have a VERY large, messy string, but am wondering what could be next? Any tool recommendations, blog articles, etc. would be appreciated!

Anybody willing to PM me tools that they use for these challenges? I use Kali

I have not been able to solve this one yet, although keep finding interesting ‘things’ as I continue down rabbit holes.

Below is a stego cheatsheet:

EDIT: Never mind, figured it out lol

Pls someone PM me a good tool for this challenge. I used the basic tools but nothing.

Interesting challenge. Didn’t use anything special, but started to go down the py…ct hole to try saving time. Never got the “easy” way to work, but if anyone did, please PM me the info! I’d very much appreciate it for saving time in the future. :slight_smile:

Either way, no guesswork needed to find the flag. A CTF mentality really helps you cut through the noise.

Got the flag (18 characters, all caps) but it is incorrect. Can anyone help me?

I’m in the same position.
Found a mass of capital letters, which makes sense, but can’t get the correct flag.
Extracted it manually without scripts, but can’t find hints about flag length or something.
Don’t want to brute-force it.
Any hints to get it?