One thing for sure, this challenge is the most funny I have ever done.

Let me tell you why.

1. I download the file and it showed that it required password

2. I return to the web, and discovered the string of :

qo qt q` r6 ro su pn s_ rn r6 p6 s_ q2 ps qq rs rp ps rt r4 pu pt qn r4 rq pt q` so pu ps r4 sq pu ps q2 su rn on oq o_ pu ps ou r5 pu pt r4 sr rp qt pu rs q2 qt r4 r4 ro su pq o5

3. Here’s the TL;DR:

You spot a funky cipher: qo qt q\ r6...`. It screams layered encoding, so you dissect it.

• ROT13: Shifts alphabetic into slightly comprehendible — cool, but still encrypted.

db dg d` e6 eb fh ca f_ ea e6 c6 f_ d2 cf dd ef ec cf eg e4 ch cg da e4 ed cg d` fb ch cf e4 fd ch cf d2 fh ea ba bd b_ ch cf bh e5 ch cg e4 fe ec dg ch ef d2 dg e4 e4 eb fh cd b5

• ROT47: Cracks open the alphanumeric + symbols vault, revealing a juicy hex-like structure

53 58 51 6e 63 79 42 70 62 6e 4e 70 5a 47 55 67 64 47 68 6c 49 48 52 6c 65 48 51 73 49 47 6c 75 49 47 5a 79 62 32 35 30 49 47 39 6d 49 48 6c 76 64 58 49 67 5a 58 6c 6c 63 79 45 3d

• From Hex: Converts those tasty hex bites into ASCII plain text:

It’s inside the text, in front of your eyes!

It is truly interesting, so I tried more decoding to find what does it means.

• Base64: Slaps on a clean, modern disguise for obfuscation (because why not?).

U1hRbmN5QnBibk5wWkdVZ2RHaGxJSFJsZUhRc0lHbHVJR1p5YjI1MElHOW1JSGx2ZFhJZ1pYbGxjeUU9

Unfortunately, it doesn’t show anything as many final decoding to Base64 does (T_T)

Verdict? It’s a nerdy cocktail of substitution and layered encoding. Fancy, but crackable.

4. I contemplates on what I might miss, and try to do old-style inspect the code.

and I find this :

5. So I return to the title and desc, copy-paste it, and go to https://330k.github.io/misc_tools/unicode_steganography.html

6. Now we get the password and BOOM!

You have solved the Impossible Challenge! Here is your flag THM{Zero_Width_Characters_EZPZ}

yeah … truly impossible indeed if people keep scattering around and miss that the key is in the title and desc all along … still the most fun and fastest challenge room I have ever done in my whole life (that is not from learning path). Thank you, 0day! Great machine as always! I have done 0day and Ollie, so now let’s get work on REmux The Tmux next!