Gainesville, FL
Quoted from okgrak:Is there another imagine that more accurately describes this entire shit show of a thread?
[quoted image]
ebfe043bca61779c134062c09a6f3944.gif(Topic ID: 203700)
Linked Games
Alice in Wonderland
Zidware Pinball USA, 2013-
Celts
Haggis, 2021
-
Magic Girl
Zidware Pinball USA, 2017
-
Retro Atomic Zombie Adventureland
Zidware Pinball USA, 2012
-
Retro Atomic Zombie Adventureland (Arcade Edition)
Deeproot, 2020
-
Retro Atomic Zombie Adventureland (Xtra Edition)
Deeproot, 2020
Topic Gallery
You're currently viewing posts by Pinsider medisinyl.
Click here to go back to viewing the entire thread.
ebfe043bca61779c134062c09a6f3944.gif 9 months later
Quoted from roffels:[quoted image]
Fireandbrimstone(d) on the far left going up (from the f at the bottom left corner).
Snip is Pinside backwards.
diagonal "pinbar" - P to the left of Merlin...
"fivedays" diagonal, at the top, near foodtruck's K.
Attack underneath foodtruck.
Some chance "machine" is "machine-age"
Quoted from ForceFlow:Where? I'm not seeing it.
D above fireandbrimstone...not sure how I missed that before...
1 week later
Quoted from blueberryjohnson:It's always been a possibility (and this update feels particularly trollish).
Don't forget, any one of us (or anyone else on the internet) had ample opportunity to purchase the domain from godaddy for not much cash. One wouldn't have to actually have secured the ip to use the logo on the site. Even if someone else recently purchased it, enforcement at this point would likely take a while to get going.
Site updated to v2 of the puzzle with an answer bank (seemed unnecessary). And three meta tag easter eggs (the two base64 codes previously mentioned:
<meta name="author" content="?">
<meta name="c01" content="TW9yZSB0aGFuIG1lZXRzIHRoZSBleWUu">
More than meets the eye.
<meta name="c02" content="R3JlYXQgd29yaywgYnV0IGRvbid0IG1pc3MgdGhlIGZvcmVzdCBmb3IgdGhlIHRyZWVzLiBBIG5ldyBjbHVlIHdpbGwgYXJyaXZlIGVhY2ggd2Vlay4=">
Great work, but don't miss the forest for the trees. A new clue will arrive each week.
[quoted image]
Looks like there's a new "c03" clue up, but I don't know how to translate it.
<meta name="c03" content="TG9vayBkZWVwZXIuIEl0IGhhcyBiZWVuIGhpZGluZyBpbiBwbGFpbiBzaWdodC4gTmV3IHdvcmQsIGVpZ2h0IGxldHRlcnMuIFRoaW5rIGRpbm8gcGxheWluZyBhIGNoaWxkcmVuJ3MgZ2FtZS4gUC5TLiBUaGVyZSBpcyBpbmRlZWQgYSBwcml6ZSBmb3IgdGhlIG9uZSB3aG8gZmlyc3QgZGlzY292ZXJzIHRoZSBzZWNyZXQu">
EDIT: "Look deeper. It has been hiding in plain sight. New word, eight letters. Think dino playing a children's game. P.S. There is indeed a prize for the one who first discovers the secret."
Quoted from Beechwood:New clues??[quoted image]
Troll post I presume 
Bankruptcy
Reachout
Great - John
Pints
Beers
Makeraza
Brokenrecord
Quoted from Seraph:Steganography. I uploaded puzzle.jpg to https://aperisolve.fr/ with a blank password. It didn't find anything, but it did report "pinside" in the "common passwords" field. Perhaps this is a password used by someone else's (the author?) previous attempt? Anyway, I tried it again with "pinside" as the password, and got the following steghide output:
Ah, "Think dino playing a children's game" ==> "Stegosaurus playing hide and seek" => "steghide"
Tried "pinside" (and figured out how to open the 7z file for the hidden message), tried "popadiuk"...nothing...then "deeproot." Odd that using deeproot brings up the word-bank image instead of the wordsearch (and notes a different file name uploaded). The word-bank isn't visible in the downloaded image.
Not sure how this thing works, but seemed weird that deeproot as a password changes the image shown. Perhaps some other image can be revealed rather than just a steghide message?
Quoted from Inside:The wordbank is a different image btw
Indeed. I was noting that uploading the puzzle file with the "deeproot" password somehow changes the upload to the word-bank image with its different file name, with no copy of that on my PC.
EDIT: Out of curiosity, I uploaded the word-bank image instead. No password brings up the word-bank...using "pinside" as the password brings up the puzzle image with the steghide information.
Quoted from blueberryjohnson:Can there be multiple different passwords for the same image? If not, then I assume you all have already found what was to be found with the 'pinside' password (at least for the current image on the website).
What is the different word search image you mentioned?
That the word-bank and puzzle are different images, and either uploaded to Aperi'Solve can access the other image depending on the password.
The deeproot logo itself is also a separate image I haven't tried anything on yet.
dfffddfdf (resized).jpgQuoted from blueberryjohnson:Right. I saw that outcome but didn't know the significance of it happening. Seemed a bit odd you upload an image to solve and it gets rid of that image and returns another, itself which could be (and had been) uploaded independently. But sounds like this is a type of intended behavior, different than another password returning a message (like it did with 'pinside').
EDIT: Now I think I get it. That site isn't specifically for finding secret info in word searches. More broadly, hidden messages in any kind of image, and it runs the password through various programs (of which steghide is but one of several) to see what if anything it can suss out.
I wasn't thinking it was finding anything in the word search itself necessarily (all new to me, and I have no idea what it does).
I was just questioning, that if the password can cause a different image to be shown, that perhaps the "right" password would reveal an image we're not aware of, rather than the steghide clue.
I was presuming the unknown 8 letter word mentioned is meant to be the password here, but that could be incorrect.
I also see the Deeproot logo can bring up the puzzle or word bank depending on password.
-----------------
While this feels a bit like a wild goose chase for the entertainment of whoever is making it, learning about cipher methods and hidden images is interesting to me.
Quoted from blueberryjohnson:Yeah. The bringing up a different image (without indicating this has happened on purpose) than the one submitted seems strange. I was wondering if it was a cookies issue so tried in incognito, but it did the same there. Still I wonder if this is closer to a bug than a feature?
I had the impression the 8-letter word was steghide (not that it could be and there could be a second 8-letter word that is for the url). The steg payload indicated more clues to come, so perhaps the info to solve is not yet there.
What password(s) bring up a different image for deeproot logo? I've learned that steghide does not process pngs (the format of the logo), so would have to be a different one of the decoders. Don't know which can use passwords vs not.
I see what you mean now on steghide being the 8-letter word, so perhaps this clue was another mostly dead-end (didn't seem to reveal anything we didn't already presume). Hard for me to tell if there's any expectation of solving it without being strung along with the clue schedule.
Deeproot logo brought up the puzzle with "pinside" and the word-bank with "deeproot." Can bring itself up otherwise, but does note an incompatibility for the steghide.
Quoted from blueberryjohnson:The bringing up is a feature of the french site itself (since presumably none of the encoding methods can have the effect of changing the behavior of some random website). So I feel *pretty* confident those things are red herrings.
On the topic of the eight-letter word, prior to today likely zero of us had heard 'steghide' and it definitely works for the dino game clue. So I don't think it was a dead end because it is what (directly or indirectly) led to the means to trigger "stage two." It's just unknown if the idea is all the info that is needed to find the url is already there. Or if new clues or new content first have to come out to allow for that to happen.
For example, the stenography stuff might now be done, so continuing to run any of the images through it with different passwords is pointless because the correct password for the correct encoding was already found.
Given this uncertainty, unless the person doing this wants to update the site to say otherwise, I'm sticking in a fork in any further efforts on my part pending the next update.
Dead-end was poor word choice on my part, but being a hidden URL was already something I had in mind, so it didn't feel like real progress toward the solution, aside from clarity.
Otherwise, I read there can be more than one password for a single image with steghide, but I agree it sounds like that may be all there is here.
Quoted from Seraph:If I try to pull up URLs based on the word list of the crossword puzzle, it appears those files exist, but I get an error page. However, there is a different error code for each file name. Here is the list of hex error codes that I see:
We tried making those ASCII codes, but after a few decodings that didn't seem to be making much sense. Any ideas? I'm off to play baseball w/the kids.
download (1) (resized).jpg"Twenty words to find, twenty characters in the hidden url. Coincidence? Certainly not. You have everything you need, no hacking necessary."
Quoted from Chalkey:Where did that come from?
deeprootpinball.com
Most recent base 64 clue in the source.
------
Some of the bits Seraph found were out of my knowledge realm for sure.
Latest clue seems to suggest it should be achievable, but I was at a loss.
I previously tried using Seraph's Hex numbers with the wordsearch in many ways with no luck...even attempted "quad manufacturing" ( ) by multiplying them by 4 (was curious as the numbers didn't go beyond 100, and there was 400 in the grid), but never found anything that was making sense....in alphabetical order, left to right on the word-bank, or with the letters in numerical order...
2 weeks later
Promoted items from Pinside Marketplace and Pinside Shops!
You're currently viewing posts by Pinsider medisinyl.
Click here to go back to viewing the entire thread.
Reply
Wanna join the discussion? Please sign in to reply to this topic.
Hey there! Welcome to Pinside!
Donate to PinsideGreat to see you're enjoying Pinside! Did you know Pinside is able to run without any 3rd-party banners or ads, thanks to the support from our visitors? Please consider a donation to Pinside and get anext to your username to show for it! Or better yet, subscribe to Pinside+!
