 What's up, YouTube? This is a video right up for the challenge twins for 50 points in the steganography category on HACCON CTF 2018. Challenge prompt here is two brothers separated long ago, finally decided to reunite. Each one holds a secret key but needs the other brother to read it. Can you find their hidden secret? So we're given these two files that we can go ahead and download. I'm just going to W get them and we'll have them ready to work with us. So if you actually take a look at these, these are both plain text files. They are simply this. Same with the other one. Just looks like garbage, a lot of nonsense. I couldn't tell what this was when I immediately looked at it. It didn't seem like base 64. I thought for a second, okay, maybe it's a different base like base 85. So I thought I'd go ahead and try that base 85. You can give it some of this thing here and you can try and decrypt it, but that didn't get anything. And I noted it might be base 85 because of this is their kind of style that they're used to. It doesn't always have to have these curly arrows at the very end, but that text looked like that. So I thought, okay, maybe that's base 85. Another option I thought was it maybe another esoteric language like Malboge or Malboge. I have no idea how to actually pronounce that. And that is an esoteric language that it also looks like gibberish. So I figured, okay, I'll try and find an online decoder for that. There were plenty of these online and I pasted it in, but okay, that also gave me an error, nothing in that regard. So I started a tinker with them. I started to look at both of these together. I thought, are these X-word or what are these things? So I tried to put them together in Python and started to work with them. You can get started with a script if you want to follow along. I'm going to go ahead and have a shebang line here. I'll have file one, f1.read, just for some quick short hacks, same thing with f2 here. And then I actually wanted to determine the length of these, which we could have just ran through, but they are the exact same. So I thought, okay, I could X-word them if really wanted to. I didn't get any results with that. So other things that I tried was I actually tried to loop through all of the characters in both of them. So for i in range length of f1 or either f2 if you wanted to, you could just print out that f1 index at that position. Same thing with f2, index at that position. And I will go ahead and run that, ape.py. Why do I have an error there? Okay, whatever. It's going to work just fine. So I got a lot of garbage here, stuff that didn't make a whole lot of sense. Again, just looking at each character beside each other and nothing particularly looked all that good and promising. I tried it by looking at even just the ordinal values to see if there was a difference in the number or like the asking number for each of those characters. So if there's something obvious or some translation going on between the two of them, nothing again in that regard. So eventually, I feel like I would have noticed this at some point because I did notice that some of these did share the exact same letter at a position. And that may have led me to the conclusion that eventually a teammate suggested in our Discord server. So if you haven't joined the Discord server and you want to play Capture the Flag with other cool people, please click on that link, join the server link in the description. So the idea was maybe all of the letters that are shared or the characters that are shared between file one and file two mean something. So the way we can test that is if f1 at the current i is equal to f2 at the current i. So if they're the same character, then we can go ahead and add them to maybe like a message that we're looking at. So we can say message.append, either one of these because again, they are the same character. If we wanted to, we could join that message together, go ahead and print it out. And that is our flag. So smart idea. I think it was Vic Frank that got that. So props to you, man. Really interesting thing that we were struggling with for a while. We just couldn't figure out what the what that text meant or really even what the challenge prompt was trying to hint at. But that was the flag trying to find the similarities between the two files. So I guess that in some regard is twins. If we wanted to, we could save that script, move it to a get flag if we wanted to make sure it's executable and mark that challenge as complete. We could submit it if we wanted to, but unfortunately the game is no longer running. But we did get the flag. Special shout out to the people that support me on Patreon. Thank you guys so much. It's incredible to see this list getting longer every now and again. I really appreciate everything that you guys do. $1 a month or more on Patreon will give you a special shout out just like this at the end of every video. $5 or more on Patreon will give you early access to everything that released on YouTube before it goes live because I normally record in bulk and then let the videos just gradually get released by schedule. If you did like this video, please do like, comment and subscribe. That really, really helps me out. Please join the Discord server link in the description. It's an awesome community of CTF players, programmers and hackers. If you want to join us for the next game, I think Nighthawk CTF is coming up this weekend and ICTF is coming the following weekend. So please come hang out with me and some, come hang out with other cool people. It's awesome. Great. See you in the next video.