Blackhole

@md101 said:

@autorun said:
Image havent paylode but we can hide some data in a image

I have tried GIMP and adding and removing filters is this the right track to get flag?

nope, sorry

found the right track

@jackshd said:

@md101 said:

@autorun said:
Image havent paylode but we can hide some data in a image

I have tried GIMP and adding and removing filters is this the right track to get flag?

nope, sorry

anyone have issues submitting the flag? Me and a collegue both solved it and got the same outcome, he got it submitted, i get incorrect notice. Exact the same format of input…

Nice challenge, I got stuck for a few hours after getting the original file out thinking there was no obvious indicator where to go and what a password may be.

If I missed something “in the corners” can someone PM Me to say what :slight_smile: I tried the usual ways in Gimp as well to try and reveal data and saw nothing so I assumed data was hidden another way, and I was blindly trying “obvious” passwords and one worked to give me the final stage to work on.

I am new here. As u guys mentioned about image, but i only received the hawking directory

@3s073r1k said:
Extracted flag… Decoded and found what looks like the flag but is not… used translator too… no go

same is the case with me… can anyone PM me for possible hint

@goron said:

@3s073r1k said:
Extracted flag… Decoded and found what looks like the flag but is not… used translator too… no go

same is the case with me… can anyone PM me for possible hint

Same here …

I have found the secret flag, but when I go and submit it, I just can’t, it says that the flag is wrong. The fact that the flag has the format that HackTheBox is asking and also that it makes sense (I mean the text of the actual flag) makes it super weird that I cannot submit it !? I even typed the actual flag with my keyboard, but no dice. Any ideas ?

EDIT: I found the solution. One of the programs that I used to crack the password at some point, made some of the flag’s uppercase letters lowercase. If you have the same problem (like me and the guy a few comments above), then check this one.

@Revolution said:
I have found the secret flag, but when I go and submit it, I just can’t, it says that the flag is wrong. The fact that the flag has the format that HackTheBox is asking and also that it makes sense (I mean the text of the actual flag) makes it super weird that I cannot submit it !? I even typed the actual flag with my keyboard, but no dice. Any ideas ?

EDIT: I found the solution. One of the programs that I used to crack the password at some point, made some of the flag’s uppercase letters lowercase. If you have the same problem (like me and the guy a few comments above), then check this one.

Would you please assist? I may have the same issue. I got something that is in the HTB format, but site says it is wrong., I have tried decoding it using different methods, to no avail.

@MrB00tz said:

@Revolution said:
I have found the secret flag, but when I go and submit it, I just can’t, it says that the flag is wrong. The fact that the flag has the format that HackTheBox is asking and also that it makes sense (I mean the text of the actual flag) makes it super weird that I cannot submit it !? I even typed the actual flag with my keyboard, but no dice. Any ideas ?

EDIT: I found the solution. One of the programs that I used to crack the password at some point, made some of the flag’s uppercase letters lowercase. If you have the same problem (like me and the guy a few comments above), then check this one.

Would you please assist? I may have the same issue. I got something that is in the HTB format, but site says it is wrong., I have tried decoding it using different methods, to no avail.

If you found something in the HTB format (e.g HTB{your_flag_here}) that means that you found the encoding; now, the only thing you need to do, is search for an alternative tool to decode it. Just google an other online decoder and you will be golden. What you are looking for, is in the first page of the google results.

@Revolution said:
If you found something in the HTB format (e.g HTB{your_flag_here}) that means that you found the encoding; now, the only thing you need to do, is search for an alternative tool to decode it. Just google an other online decoder and you will be golden. What you are looking for, is in the first page of the google results.

Oh that site is a goldmine, I knew I never should have let these buzztards get me down, thank you very much, challenge solved!

@MrB00tz said:

@Revolution said:
If you found something in the HTB format (e.g HTB{your_flag_here}) that means that you found the encoding; now, the only thing you need to do, is search for an alternative tool to decode it. Just google an other online decoder and you will be golden. What you are looking for, is in the first page of the google results.

Oh that site is a goldmine, I knew I never should have let these buzztards get me down, thank you very much, challenge solved!

You are welcome, I am happy that you found your way out! :slight_smile:

@Revolution said:
If you found something in the HTB format (e.g HTB{your_flag_here}) that means that you found the encoding; now, the only thing you need to do, is search for an alternative tool to decode it. Just google an other online decoder and you will be golden. What you are looking for, is in the first page of the google results.

Top advice that, got it, thanks @Revolution!

Man, this had me going for a while! Focus on the image. Don’t over-think it; How would you hide information?

completed this challenge if need any help feel free to pm

That one is little misdirection, I would classify this under Stego Challenge.

Use famous steg tool. You have to guess the password. Think it simple.

@isitme said:
Use famous steg tool. You have to guess the password. Think it simple.

Thanks @isitme

I’m completely confused by this challenge. I’m having the same problem Maco had earlier in this thread–I only get an empty folder when I extract the archive. I tried it in 2 different Linux distros and Windows 10 VM, same result. And the sha hash says it’s ok. How am I not getting an image or anything?

OK nvm my previous comment. I clicked on the archive again this morning, and somehow the jpeg just popped up.
I still don’t know exactly how they did that, though.