Where is the Blue Shadow?

Hello Everyone,

So I managed to make sense of the data on the Twitter page and build a file from it . Now I don’t want to give anything away, but I’m kind of stuck. Any hints would be very welcome and so would any private messages. No spoilers though :slight_smile:


I’m in the same boat.
Decoded the tweets and all, but don’t know how to get the flag :confused:

I’m in the same situation as you. I’m trying a couple of things, one related to reversing and another related with crypto… but don’t know if I’m in the right track. Hints and PM would be welcome.

Am in similar situation - have a binary without headers (so it won’t debug). Only a few functions which do pretty trivial XOR’ing. Since I can’t debug, I can’t tell how many bytes long the XOR key is, or whether it is rolling.

I’ve been told the flag is pretty obvious - but at least in my reversing (and manual attempts at decrypting the flag from memory) of this binary in IDA - it isn’t popping out.

Anyone know whether pasting the sha256 hash of the binary recovered from twitter is considered a spoiler? You know, to verify I got all the tweets correct (since it is no longer trivial to get a Twitter developer account).

Hi, somebody I can ask about it? so I can disassemble the executable and I understand what it does but I just don’t know what the antidote is, could somebody drop me a hint?

Could anyone provide a hint? I’m at the point where I can see/read some text in the file, but it seems I need to do something more with this file or with parts of its content. Also I’d like to check with the sha256 hash like @acidicbark suggested.

Never mind: use Kali in VirtualBox if running Windows; do not use Ubuntu on Windows (Linux subsystem)