[ / / / / / / / / / / / / / ] [ dir / 1piece / 3rdpol / acme / arepa / ecopol / general / lovelive / tacos ]

/qresearch/ - Q Research Board

Research and discussion about Q's crumbs
Winner of the 53rd Attention-Hungry Games
/d/ - egenerates

August 2018 - 8chan Transparency Report
Comment *
Password (Randomized for file and post deletion; you may also set your own.)
* = required field[▶ Show post options & limits]
Confused? See the FAQ.
(replaces files and can be used instead)

Allowed file types:jpg, jpeg, gif, png, webm, mp4, pdf
Max filesize is 16 MB.
Max image dimensions are 15000 x 15000.
You may upload 5 per post.

First time on QResearch? 8chan? Click here, newfag.

a50e5b No.2300468

from bread #2897:






















Variations of Sarah Silverman




website for app: https://guardianproject.info/apps/pixelknot/

download the app

save the pic

open WITH the app, then try password

(pic related) is an example of how it works

save, open with app, type in password: trusttheplan



9dd7b9 No.2300485


Has anyone tried to open the Welcome Aboard image?

c5ad61 No.2300523

Always try every password backwards as well. Think mirror.

Also, remember they are case sensitive. So vary that up as well (just first character, first character of every word, all upper, all lower, on backwards pass try with just the last letter, last letter of each word, etc.).

b93f7f No.2300529

try anagrams of stand the fuck down? how long does the password have to be?

293dc0 No.2300551

For SS, try the date on the phone


f26010 No.2300558

https://1337.me/ might help

6dc428 No.2300574


How about, "We have it all."?

f26010 No.2300576


It's a normal text to leetspeak converter. Might be used by the illiterate left. Remove https:// to access the site.

f04913 No.2300578



my phone is kaput currently - but what about the twitter code for something she tweeted on that day? or when the orig was posted to 8?

KWIM? each tweet has a number, right?

4c9cca No.2300585



ddfd8a No.2300605

I think it's just overloaded now. The one an anon posted earlier telling us the password is stuck at 10%.

4da8e0 No.2300606

YouTube embed. Click thumbnail to play.

TY for board

Anons who want to dig on this

there is a yr 2012 video called

Paint the Picture

Official video for Paint The Pictures from of Verona's debut album, The White Apple


I paint the pictures of the oceans I'll never see

I'll hold a candle through the darkness so I believe

There is a future find and narrow find me home

I paint the pictures of emotions I'll never own

Send me on my way I drift in out of here in to outer space

I found my place out there you'll find me on the moon you'll never me alone

Here among the stars is home away from home

You tell the story of the forces that build your fire

You wait for silence find the sources or you'll expire

There is the sorrow of an island I can't go

You stuck in your cage sent to be now feel with me struggles

Send me on my way I drift in out of here in to outer space

I found a place out there find me on the moon you'll never be alone

Here among the stars is home away from home

There's a moment of surrender there's a moment to make it better

Find the old now and remember there's no longer only forever

There's a moment of surrender there's a chance to make it better

Find the old now and remember that's forever

I paint the picture of the ocean I'll never see

I hold a candle through the darkness so I believe

0f52b8 No.2300621


from main board - thought to bring here fro Anon who posted:


I can't my cpu doesn't have the right app to use it.

it's 111 day theory tho just lemme know.

one tried said it was 0% stuck


901760 No.2300642

The passwhored is:


But really, why do we care about that photo when there are so many Q photos to try.

e5c8b1 No.2300646


Would help if an anon can post a direct link to the 4chan thread with the ORIGINAL image.

bf38bd No.2300658


Maybe it's podesta's password


4fdb58 No.2300659

File: e9845fa5542c6ba⋯.png (37.85 KB, 423x502, 423:502, SarahKSilverman.png)

from:SarahKSilverman since:2013-07-20 until:2013-07-23 on twitter search

maybe they use someone's old tweets to enrypt and hint at it

but there's urretly no tweet from that date

so the question is since /hph/ has been archiving whole accounts is there one for her?

28a130 No.2300673

what about something related to Alice, wonderland, rabbithole ? snow white, seven dwarfs, dopey

c5ad61 No.2300681


Try those, too. Maybe early ones are simple to help teach us.

We care about SS pic, because Q seems to be telling us that there is definitely something in that photo. Less of a wild goose chase.

f04913 No.2300706

File: 804708254916522⋯.png (99.66 KB, 1643x825, 1643:825, sks game.png)

since the date is wrong - is this a clue???

from here: https://en.wikipedia.org/wiki/Taco_Bell_All-Star_Legends_and_Celebrity_Softball_Game

7316b2 No.2300707



Cooper Freshley

f26010 No.2300715

posting the correct picture for others to try would also be helpful

b3871c No.2300725

File: c572f11a3370268⋯.png (760.27 KB, 1599x853, 1599:853, kkmmnnnbb.PNG)

File: a0af192808b2217⋯.png (639.88 KB, 1599x858, 41:22, okjjnn.PNG)

can't be 100 % sure but hmmmm

just shy of 8k at 350 knotts

7316b2 No.2300727


There is definitely data in the pic, I compared others.

4c9cca No.2300733





e5c8b1 No.2300768



Link to image.

28a130 No.2300769

viva le resistance


f04913 No.2300774


We Are Miracles

**silverman album - 2013

4fafec No.2300782

Think mirror

Try every password in reverse too

49b7be No.2300802


293dc0 No.2300808


Good thinking

Or speck of dust

a7362b No.2300821


05de99 No.2300822



f04913 No.2300843

just hunting down random odd phrases now in relation to silverman

Evil Genius potty mouth -

** title of article about her

05de99 No.2300874



or backwards?

7316b2 No.2300877


>oy vey

There is data in the original


df7aa1 No.2300878

So whos tried attaching a debugger to this yet?

If its an app lets find the open message routine and see if we can jump it.

Skip password entirely, make sure for any CRC on memory to protect it.

They use some stupid math to encrypt the key but fuck that.

If you cant go through, go around right?

May need multiple eyes on this for the purposes of debugging, testing, code injection, sub routine checks etc.

Anyone? Im not that good to go at it alone.

10482b No.2300879


Made in America.

Trump keeps saying it in his speech.

f04913 No.2300908

i'm convinced the date is the biggest clue

wrong date

wrong sunday

wrong year

also - any1 try holding the msg to a mirror? wondering if a mirror image (not just backwards) holds a clue

c5ad61 No.2300919

File: bad04954f7e3a06⋯.png (321.63 KB, 998x602, 499:301, codebreak.png)


We now are certain there are messages encoded in Q photos for those of you who would like to get cracking.

20e9c3 No.2300934

Since we have tried all the obvious passwords I think we need a more automated approach.

We could run the f5 program through a word list, and have it check every possible password in the list.

To generate the list we could use the tool cewl to crawl that thread and compile it into a word list, in case they posted the password anywhere in the thread.

If it's not in there then we could add in anons suggestions as well, and then use the johntheripper tool which mutates the words according to specific rules.

ddfd8a No.2300960


This was not a Q image, it was one an anon created and posted

aa13f5 No.2300962

File: ec5c89f80cb4444⋯.png (636.28 KB, 669x779, 669:779, ClipboardImage.png)

c5ad61 No.2300966

Let's check SS's tweets from around the time of the posted image. Perhaps clues there?

20e9c3 No.2300969



Even if we aren't successful with this approach on the SS pic it would be very easy to crawl qanon.pub and try everything Q has ever posted to decode his images

c5ad61 No.2300977


Ah, I stand corrected. Sorry anons.

f04913 No.2301003

File: 3f10bd1dc7b2d22⋯.png (108.61 KB, 1687x738, 1687:738, date721.png)

silverman a distraction?

ran just the date - found this. Odd? or not?



Donegal now


6afb4e No.2301019

No wonder these assholes started wiping their social media pics.

e5c8b1 No.2301021


Gotta prove it. Stranahan types will never buy into it unless it can be proven. Q's still a bit cryptic about who actually posted it. If Sarah didn't, and it's a shoop, then where is the actual original photo from? That's what needs to be figured out.

bbe9a9 No.2301025

SKIPPY or P@ssword?

7316b2 No.2301038

File: 16937532bd529b4⋯.png (3.04 KB, 417x54, 139:18, proof.PNG)


The data is there, it's the password to decrypt it we're after.

63c5ce No.2301043


Yeah I’m sure the Lizardmen put it there

Q isn’t real

I seriously can not wait for all boomers to die off LOL

7316b2 No.2301048


Go back to posting gore faggot.

63c5ce No.2301060


Go back to Facebook, gramps

You fuckers are insane

a7362b No.2301063

Phonefaggin but Q post 1714 says

"How do you hide a message in clear sight"

Hide it in the open

ddfd8a No.2301065


I don't know much about this stuff - if you just pulled a random image from anywhere, would it show something similar or is this definitive proof of it?

7316b2 No.2301083


No, I tried with other random images.

Try it yourself if you don't believe me


t. used to recover data and can tell image headers

05de99 No.2301085


e62237 No.2301115

Try "Jesus"… they hate him.

4c8da4 No.2301134








f04913 No.2301135

sunday silverman

just the key pts?

its gotta be something people would be able to guess/find fairly easily if its meant to out to a wide audience, right?

pedowood would recogn silverman, wrong date is an easy catch

or just


sunday 721?

339ec2 No.2301151

Ok just found this thread today… Can someone explain to me whats going on here? I get the data in image part but what are you using to try to extract data/pw cracking… Something about an app? I have a beast of a pc 16cores. maybe i can brute force it? Give details im on board love this kinda stuff. Thanks

a7362b No.2301155


d327e3 No.2301170


f04913 No.2301178

lutheran sermon from sunday july 21


cerebral knot


e1caba No.2301186


a7362b No.2301213

Q post 63 was the only other time I can see where he mentioned /pol/

At the bottom it says

4920-a 293883 zAj-1 0020192

Alice & Wonderland

e5c8b1 No.2301220






f04913 No.2301233


yep - we are close!!

f04913 No.2301244

pulling phrases/ideas from that page


light bringer

mary and martha

luke 10 38 42

63c5ce No.2301252


Close to death

The Massive boomer die off is going to start in less than 5 years, can’t wait!

f04913 No.2301255

silver man sun day

(do spaces count?)

f04913 No.2301272

oh its on. hail holy queen.



bbe9a9 No.2301282

forthepeople - their new slogan.

f04913 No.2301290

sarah and laura

91fa2b No.2301295

File: 8e5db8b1c69a78b⋯.png (10.62 KB, 466x244, 233:122, Screenshot_2018-07-26 Q.png)

f04913 No.2301309

blessed are your eyes

02b0f7 No.2301332

File: 2ec4d0976aa8992⋯.jpg (13.42 KB, 380x218, 190:109, d1758f3cd594eb47a6b301788a….jpg)

try this photo

f04913 No.2301354

sister act

sermon is about sisters

lucifer sister


61697a No.2301363

Anyone tried the Assange or Snowden hex codes from twatter?

7316b2 No.2301370



The photo we're working on is


7ee209 No.2301372


you'll get yours soon enough. :)

d9e58c No.2301384

Pixelknot uses f5android library

import info.guardianproject.f5android.plugins.PluginNotificationListener;

import info.guardianproject.f5android.plugins.f5.Extract;

import info.guardianproject.f5android.plugins.f5.james.Jpeg;

import info.guardianproject.pixelknot.crypto.Aes;


0deaab No.2301386


how about we sticky the original SS picture onto this thread so we have the correct data to work with.

7316b2 No.2301393

File: 5a7f006bc6398e6⋯.jpg (68.91 KB, 794x762, 397:381, 1532237608528.jpg)

61697a No.2301405


Is "STAND THE FUCK DOWN" the password?

f04913 No.2301407

seriously try



Untying the cerebral knot

program is pixelknot - this makes sense to me.

7316b2 No.2301413

cd00f1 No.2301423


d327e3 No.2301426




cd00f1 No.2301431

er vanelopevonschweetz

fd2b20 No.2301434

File: 9c87387ad41ff02⋯.png (382.48 KB, 669x779, 669:779, ec5c89f80cb444409caf6d4c7a….png)

Sarah's beloved dog died. She was grieve stricken.

Duck Doug Silverman

cd00f1 No.2301436


cd00f1 No.2301443


cd00f1 No.2301447


d9e58c No.2301461


Just posting interesting stuff from the source.

package info.guardianproject.pixelknot.crypto;


* Based on code from K9Mail:

* https://code.google.com/p/k9mail/source/browse/k9mail/branches/apg-integration/src/com/fsck/k9/crypto/Apg.java



Outside of that part, in apg.java

static final long serialVersionUID = 0x21071235;


* Get secret key ids based on a given email.


* @param context

* @param email The email in question.

* @return key ids



SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");

I'll look some more when I can. I'll check it out in Android Studio when I get off work.

4c9cca No.2301487









0deaab No.2301496


TY anon

bbe9a9 No.2301529





39b3e3 No.2301542


negative. Also, Q didn't make the password and neither did we. Don't rely on autism to guess it. summon your inner kike

f04913 No.2301550

Shut the front door


39b3e3 No.2301556


also no.

ce94b9 No.2301557

File: 40687c1b9d6e78a⋯.png (277 KB, 531x573, 177:191, ace4c45c3cb681bc2fa26b7ea7….png)

You guys see this from the main research bread?

f04913 No.2301559

looking up something jewish in scripture maybe.. be back in a bit

4c9cca No.2301581


:( none in me

61697a No.2301593

who encrypted the files?

our guys or theirs?

we sure the password is in english?

maybe russian? or hebrew!!!

what about movie names/characters/studios?

02b0f7 No.2301606

anyone try 382?

61697a No.2301611


Just block his ID+

293dc0 No.2301637


It would seem to me that whatever this password is, or however they do this, would be right in plain sight for whoever receives the picture(s), otherwise they would have to communicate further to drop more hints.

63e2b1 No.2301645

Try picture file names

bbe9a9 No.2301651


I posted SKIPPY above.

Also, someone on 4chan said they found a name in the file. Not sure if you saw that. They posted on the main thread.

39b3e3 No.2301664


I thought the same and thought the picture was telling where to get the password: sarah silverman. I checked her twatter for the date shown and din't see anything of note and tried the works she capitalized and had in quotes but no luck

a42933 No.2301670

Yeah. (((They))) really don't want us figuring this out.


ANON has posted calling it a breakthrough, but have not seen it repeated.

02b0f7 No.2301676


whats the flag that was used for the post?

39b3e3 No.2301677


that's a negative

02b0f7 No.2301678


maybe the flag that was used has a name.. try that?

02b0f7 No.2301685

File: 2ba39b09a55b6e6⋯.png (110.86 KB, 478x188, 239:94, ClipboardImage.png)

5c9a3d No.2301693

293dc0 No.2301695

File: d793993e76475f2⋯.jpg (63.5 KB, 960x852, 80:71, sarah silverman stand the ….jpg)


Good thinking

Examine what is there

in this case, its the Rainbow flag

02b0f7 No.2301721


try "Gay" "gay" "GAY" "*GAY*"

f04913 No.2301733

i keep getting stratford, CT

also 2013 episode of show silverman was in

game of tones

a42933 No.2301752

File: 5a5b703f1a6ece4⋯.png (6.79 KB, 255x196, 255:196, friendly pepe.png)

Here's another steg decoder:


Here's one for png files - which are a lot of q files.


That's the site given in a 3am drop several months ago by a helper.

I've spent hours on this with nothing to show for it. But now we know it's real.

f04913 No.2301755


that's what i thought too - it has to be fairly easy-ish

02b0f7 No.2301765



try "rainbow" "Rainbow"

39b3e3 No.2301772

its not gaypride, prideflag, or rainbow.

f04913 No.2301784


going through imdb now

02b0f7 No.2301786


its been determined its case sensitive.

f3ca71 No.2301796

The filename of the version Q posted in


was "SSHGQQ". Has anyone tried that?

6f3be0 No.2301805

File: f31af21961affdc⋯.png (1.05 MB, 1913x1234, 1913:1234, dod_3.png)

File: adf8e501fead6f3⋯.png (316.33 KB, 2204x610, 1102:305, possiply_q_responding_to_m….png)

Some form of "Delta Fire" might be a password for one of Q's pics. I got this response to a graphic I made in May from a one-reply ID that I always thought was interesting. Might be worth a try.

02b0f7 No.2301806



f04913 No.2301822

the sarah silverman project

665c5c No.2301833


lgbt LGBT ?

02b0f7 No.2301837


idk maybe. I dont have the app

ddfd8a No.2301839

File: 3be6765ddb9a195⋯.png (6.9 KB, 527x110, 527:110, gay.png)

f04913 No.2301847

sarah silverman diva

*show from 2013

f04913 No.2301860

and bs that i will know way too much about psycho chick by the time we finish this. bleh.

02b0f7 No.2301864


02b0f7 No.2301877


4f758d No.2301887

Has anyone tried the NowC@mesTHEP@in—23! password? (Not sure if correct since I am work fagging). Surprised that wasn't tried first.

b856fa No.2301965

File: d54fc3b8fe9bb16⋯.jpg (58.74 KB, 438x473, 438:473, img702416.jpg)


run it on windows/mac:



02b0f7 No.2302019

File: 7ac4d180fb4b5f8⋯.png (28.7 KB, 601x376, 601:376, ClipboardImage.png)

try BigS or BIGS

6afb4e No.2302033

saving silverman

24b364 No.2302176

Old one haven't seen posted yet just got back in.


c11d15 No.2302199




174a02 No.2302293

Have you tried "I'm fucking matt damon?"

92c728 No.2302324


Just getting on & not criticizing, just an anon observation but this Sarah S bitch's ego is loving' the thread title & whoever's driving "The Sick Train" with her.

Always thought the flag pic was coded but I'm sure anons have jumped on that one.

e9e8c9 No.2302328

has anyone tried using a reverse steganography tool on the photo? the answer might be in the photo itself

84adce No.2302337

File: 4fb5ca81e020092⋯.jpg (749.34 KB, 723x1154, 723:1154, 3930a76b2028bf79781986862c….jpg)


is this woopies hair line?

49b7be No.2302377


An unselfish lover would be more attractive.

a13fa2 No.2302392

Did anyone try "the word apprentice"?

49b7be No.2302393


Who does she hate? Something vulgar about our esteemed President, Try that.

24b364 No.2302420




7316b2 No.2302460

File: 309ce4bc9ba2cc5⋯.png (88.47 KB, 653x477, 653:477, weird.PNG)


When I put in the original filename… I got this:

ddfd8a No.2302514

Does this PixelKnot app work for anyone? Both on my phone and on BlueStacks it just stays at 0%, even if I try to create a password on an image. Or once in a while it'll go right to 10% and stop there instead.

Even when I try it with the image the anon created and another anon confirmed. Doesn't work.

f3ca71 No.2302561


I'm having this problem as well, can't figure out why.

293dc0 No.2302562



Have you tried the date on the phone


or mirrored 8102127

The only thing i can think of beyond that is taking the numerical values of letters which would be gbab0ah - the zero maybe could also be the letter o

and that mirrored would be hao/0babg

52c510 No.2302568

Try "occams razor". Q said "use occams razor". Maybe a double meaning there

e95b0a No.2302569

Anyone try the first letter of every word? These fuckers love their cyphers. STFD. Maybe all the letters down and then across. STFDTHUOAECWNKND different shit like this. Also could include capital letters in her text too somehow.

293dc0 No.2302579


or even the date is it appears


Idk, just brainstorming here

f04913 No.2302583

mad king ?

from one of her tweets

52c510 No.2302599

Try rainbow in different variations (he Has the lgbt flag next to the user code). Maybe r@inbow.

52c510 No.2302613

"Skippy" for podesta if he is involved.

f04913 No.2302815


need something for stupid people - since message was intended for pedowood, right? not autists.

5b8087 No.2302893

Codefag here, i know a easyish way to find the hidden data if there is another unshopped version of this same picture? We are looking for a needle in a haystack without out it, the best approach is to first narrow down the haystack before doing brute force

293dc0 No.2302914


Show us the way, codefag!

f04913 No.2302918

Startford, CT

Silverman (Ben) - hollywood mogul

Ugly Betty?


c2f3b6 No.2302927

File: 44ca03df04bcd09⋯.png (758.11 KB, 1777x1041, 1777:1041, Qmages.png)

Alright guys, here's what you do.

First, create an image with a hidden text using pixelknot, or outguess.

Then run stegdetect on it until you learn how to get it to work and say "yes there is hidden data here".



Go to github and download the qanon.pub backup zipfile. It contains every image ever posted by Q in a folder.

Pic related.


Run stegdetect with the same settings as above on this entire folder.

If there is any hidden data, maybe you'll find it.

Good luck anons, I'd help, but I can't.


Just use stegdetect

It knows how to detect F5

1261d0 No.2302967

Can someone please explain how we can try this at home? Do we download the image that Q posted today? I was on 4chan the night she (or someone) posted the original pic, and I did not download the original pic she posted, dammit. All I did was make a screenshot.

Attached is the screen cap that I made, with the original image name and size details, etc.

Are we running Q's pic through a program? As in, did Q upload the original?

If so, Anons, can you please explain how we test passwords? I have some ideas that I want to try. . . . .

Thank you.

And on

f04913 No.2302972

File: ae604efca1b2ac8⋯.png (122.74 KB, 1302x673, 1302:673, stfd pg.png)


pic related

1261d0 No.2302980

File: 121f7bd4f65ca92⋯.png (640.88 KB, 1881x1083, 33:19, silverman.png)


Oops, here's the cap I made on 4chan.

7316b2 No.2303020

File: 6d81555d9e5f65f⋯.png (94.58 KB, 668x544, 167:136, stratford.PNG)

c2f3b6 No.2303066


Once you've done this

And if you want the hidden data in the Silverman pic too,

run this:



Is best.

Good luck.


ddfd8a No.2303362

File: a19406eca2565e1⋯.png (2.33 MB, 794x762, 397:381, SSpic6.png)

File: b9c65a03acd171d⋯.png (2.33 MB, 794x762, 397:381, SSpic7.png)

File: 5168f196a49660c⋯.png (939.49 KB, 362x652, 181:326, SSpic8.png)

File: 662126fde89726c⋯.png (1.01 MB, 380x684, 5:9, SSpic9.png)

I tried to recreate what the original would look like in an attempt to find the original using reverse image searches. Got nothing.

Brute force is probably the only way. I have no idea how to do that so it's up to you guys.

89f3b5 No.2303476



Thanks anon

are we sure this program would unlock a pixelknot msg? *no idea how the coding works sorry.

339ec2 No.2303556

trying to set a wordlist attack on the file right now but im not sure if the pass would be in any of the dict. files i have…. may have to rewrite the code to do brute force instead but its gonna take time… anyone use stegdetect yet? does it actually contain data or what?

0b4335 No.2303562


We have tried:


Someone try the binary?

4f758d No.2303667

Another thought: any anons tried any PWs against Q photos? Assuming white hats encrypted a message in photos they control, it makes sense that each photo in a sequence may have part of a message that becomes a whole when combined. (Like a PW) Will definitely try this later but still a work fag and don't have the right hardware to give it a go.

9c664b No.2303818

File: d8aaa89d82753c4⋯.png (833.46 KB, 720x1280, 9:16, Screenshot_20180726-210406.png)

File: 2ea43afd2ce82d5⋯.jpg (729.13 KB, 2016x1512, 4:3, 1510005033971.jpg)

I see gore/porn shill is here trying to discourage the search. Over the target.

Has anyone tried CH_Navy_Bund.jpg from Nov 6th post? It tells me wrong password after 66%

773ff1 No.2303894

File: 07d6b17721bffed⋯.png (156.87 KB, 476x427, 68:61, 54ec3336f50a911e75fcf6b996….png)


> tried to recreate what the original would look like in an attempt to find the original using reverse image searches. Got nothing.

This original?

7733e3 No.2304030

File: 6ce904d4fd1b630⋯.pdf (370.33 KB, f5.pdf)


Here's a link to the archived thread with the Silverman post:



(search 'wikileaks jbppa')

That email is damning–it's one of the best examples of collusion between the media and the HRC campaign I've seen. Inviting reporters to dinner is one thing, but that email has a) a preferred format for stories, b) a schedule for rolling them out, c) names named for maximizing impact (ie, release stories at this time so Andrea Mitchell can comment on them on her show a little later).

But what was used to find that isn't a password–it was something associated with a BV (maybe part of his/her username or trip code). Maybe the BV had seen the email before and decided to incorporate it into their name–it's an important one and should be brought to the public's attention.

I've attached a .pdf that describes the F5 algorithm. Here's some example code that someone else put up:


Digging through that code, it seems to rely on sun.security.provider.SecureRandom to hash the password:


Interestingly, one of the error types is a "NoSuchAlgorithmException" → NSAException

Maybe the NSA developed the pseudo random number generator for Sun Microsystems? That would be interesting, to say the least.

Anyway, that's a compilation of things I've found thus far. There is work going on at /VQC that may help somehow, but at the moment we're being taught how to deal with RSA. Maybe we'll be able to extend those teachings to this somehow…but it will take some time, as this is an entirely new way of looking at things for most (or all) of us.

a38818 No.2304062

Pixelknot won't work on my machine without upgrades.

For Silverman pic: try the obvious - misspelled words in text; also uncapped words at beginning of sentences

For Q pics: try letters in brackets; some strings even spell words

Wish I could work this myself on the "Who do you see?" pic. The plane pic, too.

ddfd8a No.2304115


Well shit. That's absolutely it. How did you get it?

0bb66c No.2304158



ddfd8a No.2304256

File: e46193f84740a9e⋯.png (610.89 KB, 476x427, 68:61, SSpic12.png)



They edited some details of course but it matches even down to the "alarmy" watermark on the left

773ff1 No.2304257


it's been floating around. Check out the neck though, she had a pearl necklace in the original but looks like a T-shirt in the shopped version. If there's something embedded or whatever, I bet its there in the neck (hope its not obvious how much of a newfag I am after that last statement)

0b4335 No.2304271

Got this out of the apple mirrored one. Check others for exif?

GPS GPSAltitudeRef: 0

EXIF DateTimeOriginal: 2018:07:03 21:18:35

GPS GPSLongitudeRef: W

GPS GPSDate: 2018:07:04

GPS GPSAltitude: 87612/319

GPS GPSLatitude: [34, 52, 4007/100]

GPS GPSImgDirectionRef: T

GPS Tag 0x001F: 10

GPS GPSImgDirection: 48211/3206

GPS GPSSpeedRef: K

GPS GPSLatitudeRef: N

Image Make: Apple

GPS GPSDestBearingRef: T

GPS GPSDestBearing: 48211/3206

GPS GPSSpeed: 0

EXIF DateTimeDigitized: 2018:07:03 21:18:35

GPS GPSLongitude: [82, 15, 3271/100]

ddfd8a No.2304331


Yea I saw that. Before we even got the original that T-shirt part looked very shopped to me

1261d0 No.2304369

Passwords To Try for Silverman Pic:





I would also go to her Wikipedia page and dig for possibilities there.

https:// en.wikipedia.org/wiki/Sarah_Silverman

1261d0 No.2304387


P.S. For what it's worth, when I tried


I got a message stating that it found text. I could not open it because I'm a moron and I didn't know which program to try to use.

Maybe that's it? silvermansarah

If I knew how to do this I'd try that. . . .

a7d73e No.2304402


You might start with a better understanding of what a "hash" actually does. It is not encryption.

Definition - What does Message Digest mean?

A message digest is a cryptographic hash function containing a string of digits created by a one-way hashing formula.

Message digests are designed to protect the integrity of a piece of data or media to detect changes and alterations to any part of a message. They are a type of cryptography utilizing hash values that can warn the copyright owner of any modifications applied to their work.

Message digest hash numbers represent specific files containing the protected works. One message digest is assigned to particular data content. It can reference a change made deliberately or accidentally, but it prompts the owner to identify the modification as well as the individual(s) making the change. Message digests are algorithmic numbers.

This term is also known as a hash value and sometimes as a checksum.

Am one-way hash is just that - one way (non reversible)

As an integrity check (dhecksum) you simply take the source, run the given hashing algorithm and compare the resulting has to the one inluded with the source material.

A match of those two "hashes" confirms the "message" is an unmodified replica of the original. Digital Signatures (using various algorithms) fill a "similar" function, as do message authentication codes like SHA- 256.

Like reversible encryption, the longer the better i.e more secure

Scripting languages are optimized for convenience, not speed so are inferior to custom hardware-based ASICs, similar to the old school generic "math co-processors"

How that helps to avoid wasting you time on hash "decodes"

6c872c No.2304459

File: dd0cd916950838d⋯.png (277.54 KB, 563x279, 563:279, dd0cd916950838d8463bdf9f51….png)

Try "SuperElite" or some variation thereof kek.

1261d0 No.2304488

File: bc87fe62999f684⋯.png (58.92 KB, 725x296, 725:296, SilvermanResult.png)



When I tried silvermansarah I got this:

7e4b51 No.2304619


Anybody try either of Q's blown passwords? I know one was something like bring the pain, dont remember the first

d96918 No.2304620


What do you mean apple mirrored one? Sauce?

GPS coordinates are for a home in South Carolina.

1261d0 No.2304644

File: 352a03751e8fde9⋯.png (160.45 KB, 997x607, 997:607, SilvermanResult.png)


This is the program I tried silvermansarah in.

339ec2 No.2304669

i tried to use pixelknot to encode my data and pass, then use steghide to access the data i created on the file from my PC and it doesn't work were chasing our tails

339ec2 No.2304757

used the f5stegos page yall using and i downloaded the data file but the encoding isnt utf-8 and came up with gibberish

7ee209 No.2304761


What the fuck?? clearly something was extracted from the image with this password, but what?

a7d73e No.2304763


So it worked?


Try "xyzzy" or "plugh"

5b8087 No.2304792

Sorry I went for a walk with fam. anyways my issue is this, say I have a 8 bit binary, 10101010 this is the original binary, now I'm going to hide my data (a single bit) 10101011 you can clearly see the difference right? Now what if I delete the original binary, what do you have to compare it to? The other issue with the f5 algorithm is what if I randomly hid my data through out the image, and used the password to generate this randomness, how do we know they used f5 ? That's why it's easiest to find a source image to compare.

ddfd8a No.2304816

7ee209 No.2304817


Never mind, I did it myself and opened the .data file in notepad, it's bunch of actual gibberish. Unless I'm doing something wrong?

8dd729 No.2304823

File: 8f5160009af9e28⋯.jpg (525.03 KB, 1440x2039, 1440:2039, huh hdjfue.jpg)

File: 59997d11ef4cb36⋯.jpg (742.57 KB, 1418x2406, 709:1203, ejdbduzjem.jpg)

File: 289e16bc17585e1⋯.jpg (2.08 MB, 1440x1646, 720:823, gsgshiuez.jpg)

Has anyone tried McGovern? Her mom Beth Ann Halpin was his campaign photographer and her mom also founded a suspicious group of theater types. I also question exactly HOW WELL KG knew her before 18 considering SS started at 17.

339ec2 No.2304836

depending on the passw is how much crap you get in the data file

5b8087 No.2304842


Q team knows all this, I think his message was really to tell us and they know what they're doing, you know? I love math, and cryptography and love the thought of sitting for hours trying to solve this but I have to follow logic which leads Me too the realisation that if they had even basic competence to them they could hide this data beyond my abilities to discover it fairly easy. Lol

5b8087 No.2304859


Actually that got my attention lol good find let me get on pc

7ee209 No.2304867

File: 061e31d9c27bd47⋯.png (152.02 KB, 500x372, 125:93, Confused Scully.png)


Yeah, I'm not sure wtf to do here.

4ad38c No.2304868


Historically they embed an image when doing steg. Gibberish could be another embedded file that needs to be renamed to the type. Sometimes you can tell if the embedded file has headers. You can download irfanview, install all plugins and try renaming to file,jpg — it will try to fix it if it’s an image and detect the file type / offer to rename it.

5b8087 No.2304890

ok, can you imagefags crop the exact portion of the image used in both pictures from the new picture you found? down to the pixel accuracy if possible? >>2304816

5b8087 No.2304901


what exactly did you do? with what program / password against the image ill download it and try to duplicate your results

7ee209 No.2304938


I used the f5stego.js site people are using with the password "silvermansarah" as an anon suggested. I'm now going to do what >>2304868

said to try.

Extracted data length: 76797 bytes

Data md5 hash: 6eca195b5e968b36b4b6425e08ed7baf

a7d73e No.2304966


Would you expect an ASCII text reader to translate a 24-bit or 256-bit color code?

Where did you learn about computers?

Sesame St?

What would a megapixel graphic look like in binary

IIf you looked a s HDD sector with a very powerful microscope, would you see letters, numbers or pictures?

Hint: you would see nothing since they are extremely localized magnetic fields.

339ec2 No.2304970

I pulled the file into hexedit and checked the hex for the code used to end a jpg image.. FF D9. All jpgs end the file like that.. If there was anything else in there it would appear twice once for the orig. And once for the embed… Only one, that file is bogus guys… No text or extra images… No PK in there so no zip file either…. Even looked for binary once again a dead end.

7ee209 No.2304982


Well, I tried irfanview using the extracted file from password "silvermansarah". No luck there, damaged/not found. Will keep trying with other passwords.

5b8087 No.2305009


it was a example in practice you would take the ARGB of a pixel which would be (a=0-255,R0-255,G=0-255,b=0-255) and change the LSB and then rewrite the image. I was trying to illustrate how hard it is to detect a LSB change when you view the image in a editor/image viewer without the original to compare it to.

4ad38c No.2305055


Can you post the text extracted using notepad - the pass may be embedded outside of the header and EOF - which you can do without impacting the image opening. They have also done this routinely. (Using a hex editor or something to embed plain text in files.) they are found in the Podesta WL. Many of them appear to be corrupt images and stand out more though from doing lousy steg

5b8087 No.2305060

File: a6c5fa3b26aa143⋯.png (181.61 KB, 476x427, 68:61, e46193f84740a9e1ca2c8d7d29….png)

See where anon pasted the hidden data sarah picture of the original they found? see the noise, static in the pasted portion? thats from file compression removing the pixels with compression, or that is evidence of the pixel colors being changed when data is hidden in them, if that makes any sense? i was trying to say that if you compare the original to the tampered photo you will beable to see a difference (either visually, or not with you eyes but by comparing the binary 0's and 1's directly)

9b76ad No.2305088



agree. whatever method also had to have been agreed upon & signaled back & forth prior in plain sight right under our noses.

5b8087 No.2305104


yes, exactly.

7ee209 No.2305119


Sure thing. Here it is for password "silvermansarah"


ddfd8a No.2305143


I had it matched up and then Photoshop froze up.

Problem is though the images are much different in resolution. Is that fine as long as the rest of it matches?

5b8087 No.2305158

for a further example, remembering that a image is made up of individual pixels and each pixel is made up of a ARGB value you can see visual what i mean about editing the LSB by going here and generating a Hex value for a color


mine is this #221d1d (this is a black color)

then ill change it to binary for us to see




now here is my color

0010 0010 0001 1101 0001 1101

if i change that to this

0010 0010 0001 1101 0001 1100

go and compare that color to the original?

they arent visually different to the naked eye

1261d0 No.2305160

File: fabd30ac56bac00⋯.jpg (139.03 KB, 723x1154, 723:1154, 3930a76b2028bf79781986862c….jpg)

File: 352a03751e8fde9⋯.png (160.45 KB, 997x607, 997:607, SilvermanResult.png)


Here's what I did, exactly.

First, I downloaded the pic that Q posted, and I left the name just as Q had it. For simplicity I'm uploading it here.

Then, all I did was go to this link:


I uploaded the file in the first slot possible ("EXTRACT") and for the password I typed silvermansarah.

That's it It yielded a file that I could not open, which I've tried to upload here but cannot because the file extension is not recognized.

I just uploaded the file on Anonymous File Upload, and the link to it is here: https://anonfile.com/33af62f7bc/1532658784766.data

So I guess if anyone can download that adn open it, that might give us a clue.

c8ace6 No.2305165


Bitch or the Jewish slang for it

c2f3b6 No.2305174


Yes it would.

da46d0 No.2305178


my 2cents..

if the SENDER is sending secret password secured messages… the RECEIVER must be able to find the PASSWORD..

i don't think it's a catch-all password for all images.. imho.. the passwords are included in the TEXT…

so, maybe examine the PUBLIC TEXT message with the IMAGE.. to find the PASSWORD..

have anyone checked the TEXT thats included with the IMAGE…???

5b8087 No.2305197


each evil pos has a public key they encrypted the data with. thats how i would do it lol


9b76ad No.2305207

File: ca4c62676032a30⋯.png (26.32 KB, 400x206, 200:103, STFD-leet.png)

File: 60749333fd2ab80⋯.png (87.43 KB, 607x308, 607:308, STFD-leetpro.png)



can't use the app, but here are the conversions if anyone wants to try.

6c872c No.2305213

File: 984780ec407c716⋯.png (263 KB, 457x446, 457:446, 984780ec407c7165dc29007de1….png)



So…all the unrelated gibberish and random pictures in the general breads really have meant something…

Baker girls, anyone?

4ad38c No.2305223



Thanks. The only discernible text is HEY;) - which seemed curious. It may be worth checking the original image for text —

5b8087 No.2305224


gore pics and muh black superiority pics

ddfd8a No.2305242

File: 0e8d4e142fe1300⋯.jpg (36.17 KB, 199x190, 199:190, SSpic15.jpg)

File: 6cea981a1235a9a⋯.jpg (29.8 KB, 199x190, 199:190, SSpic16.jpg)

c8ace6 No.2305244


whats the mirror image of Silver Man or actually Silver MAN, Gold Man?

da46d0 No.2305258

File: 424bd9d3a5fce3e⋯.png (175.49 KB, 890x199, 890:199, words.png)


examining the text..

"thing" stands out…

should be "think"…

6c872c No.2305266


Yup…and all that damn gay porn. Makes me think of ebot in a whole different light now too…

5b8087 No.2305273


is that the namefag with the long random stringer for a name?

f49b70 No.2305319


Alice & Wonderland

ileac an end world

il·e·ac 1 (ĭl′ē-ăk′)


Of, relating to, or having the nature of ileus.

ileus = to squeeze, hold in check.

an end world


ileac an end world

Is like saying ( to hold in check an end world)

da46d0 No.2305326

File: 7d15e51a00e0d5b⋯.png (172.29 KB, 890x199, 890:199, words.png)


*REAL* also stands out…

REAL Thing

REAL Think

ddfd8a No.2305331

File: 888d91617078cc0⋯.gif (42.01 KB, 199x190, 199:190, SS-GIF.gif)

Made this

(GIF - click to activate)

6c872c No.2305334


Oui oui kek.

5b8087 No.2305353

Q mentioned the android app, so i think that's the program we should be focusing on using with the portion anon posted above


da46d0 No.2305359


nice work anon…

60a619 No.2305371


I got it to 10%

Password is July212019

0b4335 No.2305383

File: af79a3b4a86e738⋯.png (165.23 KB, 476x427, 68:61, 07d6b17721bffed1b0f1bed9c9….png)

Remember the whole mirror thing q was on about?

Flip the suspect image horizontally and try attacking again.

Source flipped

60a619 No.2305387


I got it to 10%

Password is July212019

f49b70 No.2305413


So the miss spelled words are the passwords spelled correctly or incorrect?

a7d73e No.2305416


So who has the private key?

BTW a password is not and encryption/decryption key.

Also understand that "symmetrical encryption has one shared key that is used to encrypt and decrypt. Asymmetrical encryption has two keys on to encrypt and one to decrypt. Public/private key systems are one method but Diffie Hellman exchange is another.

It helps to understand the terms before theorizing from misunderstanding

da46d0 No.2305429


not sure..

just looking at the TEXT and seeing what sticks out (doesn't belong) to me..

773ff1 No.2305453

well, when you flipped it, it says Alamy in the correct direction now. Can't believe we didn't notice it was mirrored to begin with

5b8087 No.2305455


data extracts using July212019 as pass. Image is Q image of silverman.

nice work anon. data is encrypted i bet

a7d73e No.2305459


What do you expect the password to "unlock" or "open"?

293dc0 No.2305464


Yeah. Whatever it is here, it cannot be that difficult imo

We just dont understand the method they use or what it is we are looking at and are trying to go way outside of the box with it.

but who the fuck knows really

Most of this is way above my paygrade but I think you guys are doing great

Has anybody checked /pol to see if theyve made any progress?

9b76ad No.2305472


not a bad idea, but could be a needle in the haystack. just tried for a few minutes and could only find one anagram using all the letters.


no-brainer for a supercomputer, but we could be here for awhile trying this. and every string would need be tried in all combos.


9b76ad No.2305480

File: 16164fccdda0c29⋯.png (117.04 KB, 948x481, 948:481, STFD-anagram.png)

5b8087 No.2305486


say i have your public key, you can attach it with your email. i can encrypt the password to my data i'm going to send you with your public key (using a public encryption method). so then you receive the data i sent you and i encrypted the password for that data with your public key, you can decrypt that password but no one else can because only you have your private key to combine with your public key.

bc983b No.2305506

If its sigintel cointelpro shit to fear tf outta them and start the shit show… then youll have to BF it….

If its not, then run libs against it since theyve proven themselves sloppy time and again.

This is all assuming that theres something in that file to be had… anyone able to see how it changes footprint/hex of a file thats loaded with coms yet?

If no progress has been made, i can jump on this tomorrow… currently workfag slammed writting manual ascii scrubbers for utf-% files that idiots fcked me with or id get on it now.

da47ef No.2305534


can someone try prestige? didn't Trump repeat it the other day, something like remember Prestige…..

f04913 No.2305549

who wants to bet the secret message is 'scrub your twitter accounts"

bbe9a9 No.2305563


Don't mean to slide but everytime I read that I hear it in hrc's voice. Esp. the "Let me make something resoundingly clear…" part.

773ff1 No.2305577


or the song lyrics everyone was ranting about?

From sea to shining sea

bc983b No.2305589


From looking over the app info on their site…. i didnt get the impression theyde using keys for shit…. seems waaaay to much serverside nonsense….

Got the impression itd just be a simple hash compare… which means libs or BF…

Why key it when someone can slide you and snag the key in transit… better just to hash compare and give images imbedded with comms a life that ends.. safer as long as your users adhere somewhat closely to length of life terms for covrt comms

5b8087 No.2305617


yeah, if you thought you were super sneaky and smart, which Q makes fun of them for thinking they're l33t lol

9b76ad No.2305647

File: 7458c1c51a20866⋯.png (26.99 KB, 512x237, 512:237, Q709.png)



they could be mimicking DJT's tweet "misspellings".

worth a shot, can't hurt.

has anyone tried the decoding methods from this site yet?

5b8087 No.2305661


"if you", * meant "if they". Anyways, Q team seems to truly have everything. its basically military vs civilian assets, how can you compete? they are light years ahead of us as far as technology. who knows what q's team has and is capable of?

6c872c No.2305758

Another thought…what if the passwords are somehow comprised of missing letters/misspelled words from POTUS twats?

2fe7bf No.2305765


I think the name SilverMAN may be telling us as in XY. Maybe add XY?

da46d0 No.2305771


“Be Sure To Drink Your Ovaltine.”

1261d0 No.2305785


First, are people running passwords on the screen grab from 4chan? I think we should be runni g passwords on the original pic she embedded in that 4chan post, not on the picture W posted.

Silverman couldn't have hidden text in that.

So where do we get that original file named IMG_382?

Second, has anyone tried the word comedy?

5b8087 No.2305797


do you have the original or a link?

2fe7bf No.2305825




If that fails, try chicks with…

773ff1 No.2305844


its in this thread. First mirror it, because Im not sure anyone has mirrored the original 4chan image yet. The 4chan image is actually a mirror of the original Alamy image. so 4chan is mirrored. Mirror it again to revert to oriignal orientation

773ff1 No.2305853

5b8087 No.2305874



thats the one i used with the password above at

https://desudesutalk.github.io/f5stegojs/ as a test used the q image too, gota data out of that with the password above

da46d0 No.2305877

SarahSilverman |mirror| namrevliSharaS

SarahKSilverman |mirror| namrevliSKharaS

0b4335 No.2305889


there is no key verification

it will accept any key. if the key is wrong, you just get garbage

f49b70 No.2305896


I'm sure I'm wrong here because I always start with simplicity is the crown of genius.

Theory … if you going to give information you want spread near and wide and you have coded it … you want to make sure everyone with a heartbeat could probably figure it out.

Or with a simple online tool could figure it out like the JFK Con Room Q linked.

Well did we link to it and find out what time of decoding games it was using and use them on some of DJT's misspelled tweets or unusually worded tweets?

I can't believe the Anon's at the time didn't use the site to play around with decoding techniques to play against the sources Q was pointing to for us to examine. Like DJT's tweets.

So I'm asking did the Anon's already do that and confirm it was a dead end?

da46d0 No.2305907

901760 No.2305933


Coca-cola, the real thing.

It's the real thing, coke.

78c1c6 No.2305956


Think Mirror?


6b0c88 No.2305975

Google search "IMG_382.jpg" with date restriction to the same as when the image was posted and try google results as the password.

c7d269 No.2305982

According to Q, we have more than we know, and Qteam and POTUS have it all. Enjoy the show is one of his favorite phrases. All of this digging is speculation and useless. I sometimes wonder why Q posts anymore. We can meme, and redpill, but none of us are in the action. The stage has been set, the outcome is assured. Sit back. Smoke a stogie. Watch the movie. Someone hit the fast forward button though.

957512 No.2306237

it just occurred to me - the phone part could be Photoshop-ed in too.


331d9c No.2306246


Sorry if asked but has all of Q's attachment file names/numbers been tried?



f9f55d No.2306258

I've been looking through the source code for Pixel Knot and I found that it has a default password.

public final static byte[] DEFAULT_PASSWORD_SALT = new String("When I say \"make some\", you say \"noise\"!").getBytes();

If it was intended as a direct comm to Q then they would not have made things difficult for him.

Silly question: Has anyone tried not imputing a password and letting it go to defaults?

819ad3 No.2306351

Wondering why q said:

in “clear” sight…..instead of

In “plain” sight?

5b8087 No.2306366


That's the salt, not the password, it's used as part of the encryption process to add noise to the algorithm, good find though. Remember there is no such thing as a random number with a computer, that's why true crypto machine will get the noise or salt from say external sensors like current radio wave readings that are random. I'm CS we use pseudo random generators to try to make random noise with the password generators. Basically the salt plus the pass is helpful, but if it's hard coded like you said then the salt is applied with the password automatically. Make sense? I have no people skills lol fuck it.

449a76 No.2306387

Did you anons see this?


From main board.

Wizard of Oz references?

f49b70 No.2306399

File: 3be83a4d38f3758⋯.png (24.02 KB, 534x250, 267:125, ClipboardImage.png)


From this these crumbs, it would appear Q is saying download pixelknot. Which the Anons have done.

Take the pictures Q gave us and download them into the Pixel software program and figure out the password to untwist the knot and get the hidden picture.

The password has to be in the same crumb Q posted with the picture.

So the password is one of the words or combo of the words in that post as it makes the most sense to have the password accompanying the picture.

To simple?

957512 No.2306482


clear sight?

alamy? IDK taking a break

f9f55d No.2306493


Opps, wrong line.

Anyway, it looks like it has the option to run without a password. I haven't installed in in a sandbox yet, but was wondering if anyone bothered to try the obvious.

private String getPassword() {
if(!hasPassword()) {
return null;

return extractPassword(mPassword);

private byte[] getPasswordSalt() {
if(!hasPassword()) {

return extractPasswordSalt(mPassword).getBytes();

private byte[] getF5Seed() {
if(!hasPassword()) {
return Constants.DEFAULT_F5_SEED;
return extractF5Seed(mPassword).getBytes();

f49b70 No.2306502

File: e7b45630800a0b8⋯.png (229.5 KB, 576x756, 16:21, ClipboardImage.png)

Something BIG is about to drop.


Password ?


2fe7bf No.2306541


I posted it over there too, or at least the other connections. Only posted AgXY here.

a92cdf No.2306573

Guys, it's been a shill tactic for at least a year or two to show up, claim stego hidden cp msgs omg, then just do nothing. Aside from one or two pics that seemed to legitimately have extra data in them, nobody's ever found shit or posted anything we could repeat or confirm.

Wtf are we supposed to do, brute force stego passwords? This shit exists. It can be done. But there are steps we can take and steps that are retarded.

1. Confirm data separate from the pic.

2. Try passwords on pics with extra data.

3. Try to brute force these when nothing else works.

That's all.

Unless Q gives us the pw or it's a findable Easter egg, there's not much to do. W also might need instruction on how to interpret the data so confirmation of a correct pw isn't all that cut and dry either. And it might just be a fucking troll to get bad actors wasting their time the same way it's been done to us all this time.

Dig efficiently.

2fe7bf No.2306587


Don't know if these means anything, but the Silverman pic post was on 7/22 & Wizards, 'Yellow brick road' Q post was on 12/22, another coincidence?

331d9c No.2306623

what about e-bot??

Staring at us right in the face?

MXRSdefault etc etc?

Fuckin ebot must be for a reason, right?

f3343b No.2306677


a7d73e No.2306680


He post to keep up the morale.

Notice his recent posts are mostly open source from Normie World.

He doesn't need our help, and never really did.

We were invited to "propagate" as our role.

Some took it way too seriously like the Q team was waiting for our "research".

That was always for "our benefit" and his credibility. We were a small part of the messaging, but failed to deliver as normie news picked up the baton and ran with it.

We get trophy for "participation".

But like John Kerry's Purple Heart it is not like we saw any action ( He shot up some bags of rice on a wooden boat and got splinters in his ass, according to his crew).

He used it to impress people how he was in the thick of war and took a bullet ==> combat veteran Hero.

His crew ratted him out when he tried to run for president against Bush in 2004 after Gen.Norman Schwatzkopf took Iraq down in 3 weeks; Bush was his commander-in-chief.

Q is being "decent" and still comes around so we don't feel stiffed and left out.

Very few here are really making any effort on Qstuff anyways

Good think he wasn't counting too heavily on this board. The Plan would be FUBAR

a92cdf No.2306694


Ok maybe they're actually using that stego service and Q is juking us into ddosing the site with nonsensical attempts just so they're inconvenienced. Because seriously, what is our best option besides running a fucking dictionary against the picture via the site q posted?


415cf8 No.2306768


well hello there …dont you just have a magnificantt GLOW

shills will be shillin

9d1000 No.2306781







449a76 No.2306886

A good idea.


My guess, if there is a message in the pic, the pw is in the twat itself. Perhaps the FILE NAME?!

Maybe that's how Q got twat to name the pic DOITQ- reverse engineering their encryption?

Autists follow me? Don't have android.

a92cdf No.2306905

File: 4d94aef5145fe69⋯.jpg (48.22 KB, 794x762, 397:381, the_kuru.jpg)


Fuck this app is pretty gay.

I encoded some super secret stuff in this pic. Pw is the_kuru. You have to share the pic with pixelknot to open it because they hate menus apparently.

ad43ce No.2306938


perhaps her password would have to do with Duck "Doug" Silverman, her beloved pooch.

9d1000 No.2306995


Clear sight

Plain sight









248f26 No.2307098

It would be ultra poetic if the password was "Benghazi".

78c1c6 No.2307112

File: a835325dca3e3ce⋯.gif (4.72 MB, 500x500, 1:1, Loki2.gif)


>Something BIG is about to drop

Think Mirror


What rises?


a92cdf No.2307117

File: fabd30ac56bac00⋯.jpg (139.03 KB, 723x1154, 723:1154, 3930a76b2028bf79781986862c….jpg)

File: 5a7f006bc6398e6⋯.jpg (68.91 KB, 794x762, 397:381, 1532237608528.jpg)


Yeah i got nothing. All i can confirm is that pixelknot is pretty slow to use and it's definitely case sensitive.

Here's the pics. The screenshot is Qs pic. The other is the original from the 4pol post.

e38298 No.2307162

has anyone tried to use "hunter2"?

8bc67a No.2307176

Some variation of:


f9f55d No.2307211


The only way we are going to crack this thing is by reimplementing the F5 algorithm in something faster so we can make intelligent guesses quicker or simply brute-force it. I found the Java library used:


I don't know Java. So it's going to mean a bit of monkey-see-monkey-do if I'm going to port it to C.

I know what I'm doing this weekend. :)

293dc0 No.2307217


Or Haiti

a92cdf No.2307241


Oh shit i didn't even realize their method was known. I thought we were stuck using their app.

Good luck.

78c1c6 No.2307260


Best of Luck, Anon!

I believe in the You who believes that you can do it!

ade1a5 No.2307267

Slow anon asking: is % relevant? Had mine to 60%.

a7d73e No.2307281


Someone just echoing Q? Duh!

… Something big is going to drop..

.. Nothing small is ever going to rise…..

'Mighty oaks from little acorns grow'?

Seem like a contradiction.

Deductive logic does not allow for contradictions.

They are "illogical fallacies"

Reconcile your premise and conclusion.

They don't follow a logical IF →THEN

In your context that would translate to:

Nothing small (dough) is never going to rise

Double negative is irrational

How does a mirror modify your meaning

Perhaps you could state it more logically and coherently?

Thanks in advance

9d1000 No.2307362

Gematria equivalence of Stand The Fuck Down


Clear sight

Plain sight









a75a60 No.2307391


e7f6f3 No.2307463


Try replacing "Sit" with Stand and "Up" with Down- "SIT THE FUCK UP"

b02e9d No.2307624

“You think this is some sort of game?” - Silverman LARP

Thought the “game” references in Q posts might be relevant. Interesting lines in here.


23 Jan 2018 - 5:36:34 PM

The light will reveal those on the team and those pretending to be.

This is not a game.

They want us divided.

Last posts [self destruction] will immediately show the world the TRUTH.

Instructions will be sent on how to preserve offline.

You didn’t think this was simply about words did you? <————

We have it all.

Coming soon to a theater near you.



This is not a game!



Do you believe in coincidences?

How many coincidences do you need before you believe?

This is the biggest insider drop in the history of the world.

Pray. <———————-



14 Dec 2017 - 9:27:05 PM

Shall we play a game?

Find the spider(s) and build the web (the ‘map’).

Remember, they consider you to be the fly (specifically, the ‘feeder’).

Remember, they never thought she was going to lose.

Therefore, they never thought investigations and/or public interest into their criminal acts would be exposed/investigated.

Therefore, they never thought they had anything to fear. <—————

Therefore, they openly showcase their symbolism.

Therefore, they were sloppy. <————-

Hussein’s last speech in Chicago re: ‘scandal free’.

Why did he continually emphasize that phrase? <————— was this Hussein’s unlock passcode?

As a backup, they infiltrated and control the narrative (the ‘MSM’).

As a backup, they install only those on the team.

As a backup, they blackmail those that aren’t.

As a backup, they defined ‘conspiracy’ as crazy/mentally unstable and label anything ‘true’ as such.

This works given most of what they engage in is pure evil and simply unbelievable (hard to swallow).

The ‘fix’ has always been in – no matter which party won the election (-JFK (killed)/Reagan(shot)).

This was always the promise made to those who played the game (willingly or otherwise) (i.e., they would never lose power).

Power of the (3) letter agencies.

Power over the US Military (WW dominance to push against other nations and install like-kind).

These people are really stupid.

Follow the husbands.

Another Hint: <——————- PW hint???

Ian Cameron

McKinsey & Company

Clowns In America.

Dr. Emmett J. Rice.

Federal Reserve.

Everyone is connected.

How about a nice game of chess?


(No ability to enter trip code - last dump)

a7d73e No.2308040


Can you show your math so we can double check it?

f9f55d No.2308432

I found a way to modify the PC version of this to test is a password is correct. It won't decrypt it. If you happen find the right password you'll still have to use the app to decrypt.

First down load the PC version,


Unpack the JAR file and change line in /main/Extract.java from,

final F5Random random = new F5Random(password.getBytes());


final F5Random random = new F5Random(password.substring((password.length()/3)*2).getBytes());

This will cause it generate the F5 seed the same way that SteganoDecryptionJob.java in the app does it.

Then recompile the java using "javac Main.java" in the top level directory and then either repack the JAR file or call it directly from the command line like,

java Main x -p "passphrase" imagefilename.jpg

It will dump the result into output.txt. If it is the wrong passphrase it will give an error like "Incomplete file: only 0 of 123456 bytes extracted" (or it sometimes spits out some garbage). If it is the correct passphrase it will NOT give this error and the output file will be base64 starting with "—-* PK v 1.0 REQUIRES PASSWORD —-*"

It runs in about one second. And I could post a shell script to test whole lists of passphrases… but it's time for me to go to bed.

c33a02 No.2308581

This is just a gigantic troll to get the guilty to shit their pants. Classic psyop.

well played, well played

a7d73e No.2308616


How does the app recognized the correct bits to select.

For example 1024x1024 x 256-bit color is about 268,435,456 bits. (might be bigger if megapixel camera source)

Which ones are relevant?

ad9f40 No.2308796



Clear sight

Plain sight

Cl(EAR S)ight

= Ears?

Bunny Ears?

bc983b No.2308877


Im waiting for a larp in main that runs an image with that on halfchan now hahahahaha

a92cdf No.2308956


Niiiice. Wtf. It never even crossed my damn mind that there would be a prepackaged success check. Wtf.

I guess it makes the app run smoother because it doesn't have to try to comprehend the garbage. But it's like begging to be brute forced.

Any chance there's a prepackaged indicator of whether the pic has been encoded at all?

a92cdf No.2308982


Actually the fucking app just fails and sends you back to the pw prompt rather than spitting out gibberish so of course it's doing this. Nm. I'm a tard.

ce1f57 No.2309132

For all the non Androidfags.. Get an emulator, download Pixelknot. find a workaround for the files not on the emulator.. like one drive to get the pictures in the app.

fc46a8 No.2309173

I'll pursue this further tonight also if others are still pursuing. Workfag :-(

b9ef71 No.2309191

HookTube embed. Click on thumbnail to play.




How soon some forget …


President Donald J. Trump: A Conversation with America’s Future

Published by The White House on Wed, 27 Jun 2018 17:17:36 GMT

'"You amaze me," I commented … "A few years ago you were failing at everything. … Please explain this remarkable change in you."'

'"Really it was quite simple," he replied. "I merely learned the magic of believing. I discovered that if you expect the worst, and if you expect the best you will get the best. It all happened through actually practicing a verse from the Bible."'

'"And what is that verse?"'

'"If thou canst believe, all things are possible to him that believeth." (Mark 9:23)'

– The Power of Positive Thinking, Chap. 7, Expect the Best and Get It

b9ef71 No.2309219


>I discovered that if you expect the worst,

you will get the worst,

>and if you expect the best

you will get the best.

155810 No.2309365

File: f78d08b37801c42⋯.png (65.61 KB, 1080x1620, 2:3, Screenshot_20180727-140512.png)


I've just done this with the original pic posted on here (not Q's version) and the stego.js site placed a file on my phone called dinfo.doc but when I tried to open it my docs program told me it was a plain text file so.. Renamed to .txt and got this:


<KASDTSync canUse="NO"></KASDTSync>




<MSMode active="NO"></MSMode>


Anybody know what it means?

e63513 No.2309371

Q says "News unlocks". News from the day?

b9ef71 No.2309391

HookTube embed. Click on thumbnail to play.



"Even Better than the Real Thing/k"?


e5e7a4 No.2309404

TigerDroppings QBoard Daybaker here.

Maybe it's some weird deal vu, Mandela effect, or a glitch in the Matrix, but I could have SWORN that Silverman did post that very same text a few years ago about some other online kerfuffle.

I remember the part about "these are people's lives you are fucking with" or whatever the exact wording was.

Q says :


The author of the post…..

The face is never the author.

Direct comms come in many different forms.


I can't be the only person who remembers this. Maybe the original instance of this event will help unlock.

Who is photog of original Grammy pic?

b9ef71 No.2309498

HookTube embed. Click on thumbnail to play.




Ralphielarp's Revolt!

e5e7a4 No.2309730


>I've just done this with the original pic posted on here (not Q's version) and the stego.js site placed a file on my phone called dinfo.doc but when I tried to open it my docs program told me it was a plain text file so.. Renamed to .txt and got this:

No PW?

155810 No.2309755


Another anon tells me all I've posted is the key for the free version of Docs to go (my docs app) so safe to ignore I'm afraid..

Although I'm confused why "extract data" on the stegojs site would generate a file like that unless perhaps I'd need the paid for version to create the proper dinfo.doc? I don't know..

8888ec No.2309790


From the board…




POTUS opened the door of doors.

Another possibility.

85c226 No.2309825


why are there 5 periods after "The author of the post….."?

an ellipses is 3 dots.

e5e7a4 No.2310096


Excellent question. Even an ellipsis with a period is only 4.

41dfc8 No.2310136

How do you hide a message in clear sight?

With an anagram??



db5ceb No.2310185

1. Q wants us to solve his riddle

2. Q wants us to solve a riddle

3. Q needs us to solve a riddle

4. There is no riddle

e5e7a4 No.2310234


I don't think Q needs us to solve the image decrypt. QTeam already has it. I believe he's teaching us to fish and be able to catch other steganographic comms

db5ceb No.2310248


how about using the capacity of anons PCs worldwide to do the decryption job if nothing works?

just an idea that crossed my mind…

db5ceb No.2310262


same thinking over here in EU…


db5ceb No.2310407

Q said…read the bible

colossians 3:5 (clue?)

but…if there is a hidden message, the password will most likely be in the picture or text of the author. there has to be a stereo procedure to catch the password. otherwise Q would not have posted the pixelknot link.

9cb4ae No.2310428

"You have more than you know"

"The More You Know"

85c226 No.2310783


"The author of the post" is 5 words followed by 5 dots/periods. 5:5?


I'm workfagging so can't try any passwords.

dd2466 No.2311037


Break a Mirror. How many years bad luck?

dd2466 No.2311049


Agreed Anon. He/Test out power levels.

db5ceb No.2311170


not a test

he is educating

b856fa No.2311401

File: 12fdc0e82c7b5e7⋯.png (153.36 KB, 499x372, 499:372, img00117840.png)

File: 89155549e7eff58⋯.png (161.55 KB, 724x257, 724:257, wwg1wga.PNG)








codefag #2 here - took the f5 lib and pixelknot source and made a brute force tool - params are the picture and a text file with passwords


ce05b4 No.2311406



With the added effect of training/debrainwashing some of the public

ce05b4 No.2311463


Think of it as free education

Better than college

4341c8 No.2311664

File: 83a829cd1a05f95⋯.jpg (312.84 KB, 1410x1086, 235:181, key.jpg)

idk, just my mind thinking outside box

f9f55d No.2311819


No, there is no easy way to tell if the image has a hidden message. That is a design goal of steganography. But if there is a fairly large payload relative to the carrier image size then it's possible to detect it statistically. We don't know that there is actually anything there. We don't even know it this is the correct program or if Q was linking to it as a generic example of stenography.

The designer of this app did some really stupid things. First, the stegano layer only uses 2/3rds of the password. This obviously makes it easier to bruteforce. And if your big computer goes "ding!" to spits out 2/3rds of a natural language password then a human can probably guess the remaining third. The same password is used for the encryption. The second dumb thing he did was have the message start with the same sentinel string every time! And this is OUTSIDE the AES encryption layer. The F5 algorithm for distributing the message bits is probably not very cryptographically secure. Bruce Schneier would be mortified (then he'd break down in hysterical laughter). And what is the point of the bas64 encoding layer?

So we have a 6,000 year old global cabal putting there lives (literally) in the hands of some toy crypto program they found in the Google Apps store and expecting that to protect them from the mighty power of the NSA. These People are Stupid™.

f9f55d No.2311861


The app Q linked to does not have a public-key crypto option. I noticed a mention in the GitHub notes of the app author's plan to add that. But currently it's symmetric password-based encryption only.

b856fa No.2312680

File: 427ca4e389a5e0c⋯.jpg (43.16 KB, 246x273, 82:91, img702442.jpg)

File: de96635d8c0543d⋯.png (8.15 KB, 660x87, 220:29, rockyou.PNG)


>These People are Stupid™

but how stupid? any ideas for a better wordlist than rockyou?

b856fa No.2314235

File: f53e3d20e8f3741⋯.png (120.05 KB, 823x241, 823:241, boom.PNG)



anon posted a test image, pixelunknot works

e3aad3 No.2314745

try Mrs Silence Dogood

ddfd8a No.2315352


How would the average person use it (i.e. someone that doesn't have special software to be able to run something like that)? I tried and I couldn't get it to work (through command line) or by clicking the jar directly (missing main something).

Easiest solution?

b856fa No.2315699

File: 2bbb82da614b339⋯.jpg (50.56 KB, 400x288, 25:18, img10111091.jpg)


I'll see about packaging up something easy to use, I'm running a devfag environment

jdk 1.8


intellij community https://www.jetbrains.com/idea/download/

File -> New -> Project from Version Control -> Git


little popup click "Add as maven project"

"Maven Projects" menu sideways on right side

, PixelUnknot -> Lifecycle -> package -> run

error message about jdk, click link, set the jdk-1.8 (new, browse to where you installed it)

run -> edit configurations -> + -> application

Main class: q.Main

Program Arguments: Q4example.jpg passwords.txt

ee8f98 No.2316353


Below code to generate a diff from the upstream repo to anon's PixelUnknot program.

This is to ease up code review, as we all know, that we shouldn't run code that we can't understand. This should make it easier to understand what anon changed from the original library code.

Tl;dr: this code is not necessary to run PixelUnknot, but it may be helpful to run it in order to see changes and ensure there's no harmful code included. Based on my preliminary audit there's no such code included. This code (not PixelUnknot!) is Unix/Linux only.


git clone https://github.com/banona/PixelUnknot

git clone https://github.com/harlo/F5Android

rm -rf refrepo; mkdir refrepo

cp -a F5Android/src/main/java/info/guardianproject/f5android/plugins/f5/ refrepo/f5

mv refrepo/f5/james/ refrepo/james

rm -f refrepo/f5/F5Buffers.java

cp -a PixelUnknot/src/q/james/*.txt refrepo/james/

diff -waur refrepo PixelUnknot/src/q

b856fa No.2317207

File: 407a6037cae1ace⋯.png (94.19 KB, 594x627, 18:19, f5detect.PNG)


handy! cpu is pegged going through common passwords on https://i.4pcdn.org/pol/1532237608528.jpg

looking for a way to detect if there is actually steg data in the image, pic related is from https://etd.ohiolink.edu/rws_etd/document/get/kent1310505218/inline

54166b No.2317227

File: 89007bb11bc2ab5⋯.png (144.17 KB, 999x579, 333:193, ROT=Rotation-Q.png)






>simplicity is the crown of genius

ROT cipher?



b856fa No.2317331

b856fa No.2317351

File: ccf2823705cfc29⋯.png (2.98 KB, 254x53, 254:53, rot.PNG)

File: aee8944c51aa43c⋯.png (132.71 KB, 398x273, 398:273, img00031720.png)


great idea, no dice on those

b856fa No.2317452

File: f2a2edf6e2f8349⋯.png (30.26 KB, 1089x214, 1089:214, sstext.PNG)


maybe something in the post text? https://archive.4plebs.org/pol/thread/179647411/#179647703

54166b No.2317466




a7d73e No.2317510


What;s taking so long to break this encryption?

Austists in movies do in within minutes.

No mad skillz here?

b856fa No.2317532

File: 55c42aa2c799da3⋯.png (22.17 KB, 251x428, 251:428, jktEn3b5.PNG)

b856fa No.2317551

File: 6c3991d91e0530d⋯.png (212.83 KB, 512x256, 2:1, img00005711.png)


right? must be all the pixels, need more zoom and enhance.. brb i'll do a visual basic program on unix it'll be faster

54166b No.2317706


hmmm, ROT-7 for g? (or 19) (spitball)


>"thing" stands out… should be "think"…




54166b No.2317716


oh well…thanks for trying.

back to the drawing board.

5b8087 No.2317736


Similar crappy bugs to the first encryption app I put online i used the bytes of the hash of the users password and appended it to a string to feed into a password algorithm but I did this lol

Byte [] pass = new byte [stringlength];

Then I appended it to the string like this, string+pass.ToString () it literally appends "system.net.byte []" in c# lol anyways, where are we at with your unknot app? How can I help?

b856fa No.2317909

File: b8627340d5a5835⋯.jpg (123.57 KB, 356x435, 356:435, img702457.jpg)


thx anon!

wrong password LMTGW MAX YNVD WHPG

wrong password ZAHUK AOL MBJR KVDU


> where are we at with your unknot app? How can I help?

the app works and is multithreaded but it'll take me days to get through the millions of passwords in crackstation-human-only.txt and leaked_db-rockyou.txt

if we want to brute force we need to package into something easy for other anons to run (docker container?) and divide up the wordlists…

the paper on f5 detection says decompress, trim by a few pixels, then recompress and see if there is a difference in the color distributions… would be great to know there's actually data in this image

otherwise we keep looking at the code for ways to narrow down the search domain, we know we only need the first 2/3 of the password

e629d8 No.2318007

has $ubstituting $ for S been tried $arah$ilverman combinations? follow the $$$

2e9b47 No.2318049







Not working

257f77 No.2318122

Try "shibboleth"

e6b647 No.2318261


How about "show no mercy"

37d042 No.2318270


Her brother died as a baby? First born son? How about his name?

e6b647 No.2318321


or just "shownomercy"

for Q's post re samsung phone/ slayer song

b856fa No.2318325

File: a66824fdfe3de85⋯.jpg (41.45 KB, 275x333, 275:333, img10100075.jpg)



wrong password show no mercy

wrong password shibboleth


put a list together, happy to run it

e6b647 No.2318363




e6b647 No.2318388





e6b647 No.2318413


whoops cometpingpong


e6b647 No.2318443


OK some of those are jokes

Cant help it

sorry dont mean to waste your time.

if i find something ill post

b856fa No.2318490

b856fa No.2318493

File: 25969d12a4e24e9⋯.png (283.47 KB, 760x407, 760:407, toldyouwedgetcaught.PNG)

aeb934 No.2318514


Your eyes will bug out when you find out what’s in it

I’m not gonna pretend to know what’s in it yet but this shit is deep. I know it’s being slowly walked and for good reason but FFS I want a MF covert heads up which day to take off work so I can see do the perp walk. Hopefully separate day as Renegade so I can have two DayDrinking holidays this summer.

5b8087 No.2318545


Looking at this with a simple console app. where did you get your word list from ?


5b8087 No.2318616


i see only 2/3 of the password is used in your prog so ill do the same

from_password.substring(from_password.length()/3, (from_password.length()/3)*2);

e6b647 No.2318632


I hate to beat a dead horse but from the the message under the pic my intuition, again after seeing the q post re slayer evilhasnoboundries

else it has to be boxed out in the image code.

if I was gonna send a message i would include it there in the code

or its a password they all use to get into the parties. gotta be

b856fa No.2318660

File: 65f47bf5206483b⋯.png (65.37 KB, 284x268, 71:67, img00073490.png)


>No wonder these assholes started wiping their social media pics


5b8087 No.2318667


lol the special pizza door knock like a underground beerfest lmao.

7c11d8 No.2318674


Has anyone tried fivebyfive

Also did an alphabetical substitution on COVFEFE and the letters are


those letters become



Thats all I have. Just wanting to help

7c11d8 No.2318727

Answering myself here it could be URLSEES

possible password

e629d8 No.2318772

any Ideas who "the author might be ? could be their pass? I saw a name in hollywood anon post high priestess cant find it

cant remember it

The author of the post…..

The face is never the author.

Direct comms come in many different forms.


e6b647 No.2318783




Nice, no shcilltards here!

7c11d8 No.2318793


Shirley MacLaine?

e629d8 No.2318843


think it was Shirley Mclaine TY

7c11d8 No.2318875


Shirley MacLaine. I remember back in the day she was into all that channeling and crap.

e6b647 No.2318880


marina abramovic?

e629d8 No.2318923


Warren Beatty is Shirley mclaines younger brother never knew that

b856fa No.2319036

File: 4ebe3a1d4a6c405⋯.png (247.85 KB, 806x325, 62:25, morewords.PNG)




I'm using a couple of common password lists (crackstation-human-only.txt and rockyou.txt), about 70million total along with anything any anon posts

went through and double checked all the ideas in this thread, still no luck

anybody else have a list of words to try?


right! if the results start with the string —-* PK v 1.0 REQUIRES PASSWORD —-* then you have the right first 2/3 of the password

e5806b No.2319042

File: a8b04efcc1f8dc8⋯.png (121.37 KB, 724x579, 724:579, Beale cipher USNA.png)

S.T.F.D. - a reverse Beale cipher?

see reference to DoI.


hunting down Gillogly's program.

will post any results to run.

e629d8 No.2319053

File: bce237f1709aae1⋯.jpg (60.34 KB, 689x450, 689:450, Nancy_Reagan_with_Warren_B….jpg)


Beatty with Diane Keaton and First Lady Nancy Reagan, at a White House screening of Reds (1981)Beatty is a longtime supporter of the Democratic Party. In 1972, Beatty was part of the "inner circle" of Senator George McGovern's presidential campaign. He traveled extensively and was instrumental in organizing fundraising

5b8087 No.2319101


how can i anonymously post code so others can use my C# version? im writing it to drag and drop images and a word list to run against all images.

Console app, nothing fancy, linux friendly

b856fa No.2319105

File: 8f480f809609934⋯.png (25.37 KB, 826x183, 826:183, ClipboardImage.png)


oh wait that's not right, it's from_password.substring((from_password.length()/3)*2)

e629d8 No.2319114


sorry going off the password topic back to lurking

5b8087 No.2319182


so the password is from index 0 to 2/3 so the first 2/3 from zero youre saying right?

b856fa No.2319346

File: 9dd1c6cc5c25f62⋯.jpg (47.34 KB, 195x512, 195:512, 1980-12-00650.jpg)


right, the f5 seed is the first 2/3 of the password

a51533 No.2319432

There's a program for Linux that works very well for shit like this. You input all the known information about the person. Dogs name, birthday, anniversaries, siblings names. It'll take all the info you can give it. It basically takes all that you input and it mixes up the order and does more and it'll create a huge word file that you can then use to brute force it.

9c664b No.2319635

File: cace2a7cc3e4187⋯.png (136.18 KB, 720x1280, 9:16, Screenshot_20180727-205318.png)

File: 0c564801a4aa40b⋯.png (90.43 KB, 720x1280, 9:16, Screenshot_20180727-205535.png)

Realized this comment may be better suited here than in the general thread


The first review that shows for me on the Pixelknot app complains that he noticed the app sending data to another server. Dated May 2017

The Guardian Project replies they do no such thing over a year later. Dated June 2018

The app hasn't been updated since Feb 2017, so whatever that user found is still programmed in the app.

Can someone with Wireshark or another packet sniffer confirm any odd network activity from the app?

My hope is that traffic was transferred to a white hat server

>We Have It All

a7d73e No.2319746


That is the inverse of FK U

It means FK ME

c1d589 No.2319811







5b0ccb No.2319860

File: 36e46acad64eb0a⋯.gif (997.49 KB, 425x259, 425:259, 36e46acad64eb0a11eb4641829….gif)

PNG. pong pizza [HI]dden in plain sight until JA. (DR)opped emails!

IF you pay attention Q has A[][]0^^&[]) U.S. 4[][] o|# ][+.

Truth IS behind U.S.

We really DO have MORE.


ED[]—[ Carefully re_read:

5b0ccb No.2319895

File: 0282a3eb047733f⋯.gif (946.38 KB, 360x200, 9:5, 2a1fd507bb6ae0c5cd043ec0ae….gif)



c1d589 No.2319972


Can you please explain this? Sorry but not all of us are geniuses and I really want to understand.

5b0ccb No.2320042

Believe I want to anon. Given the Boys are in a bit of bad weather is the only reason I hesitate. stay with us though soon as shes clear ill elaborate.

c1d589 No.2320065

5b0ccb No.2320197

File: 9957962395a28a1⋯.jpg (21.46 KB, 323x202, 323:202, FMM.jpg)

"Sorry but not all of us are geniuses and I really want to understand."

That's very kind but the truth is you n I are no different. Trust me

fbcff9 No.2320266

Cicada 3301

5b0ccb No.2320316

Cicada = Solved

Q = You haven't the foggiest

5b0ccb No.2320502

Tiptoe over to the Baphomet /b/ Lurk There.

Observe them Joking about a 9 yr old and

things most foul while her parents watch helplessly.

Lurk MORE!!! Not a game and Its not a joke.

These fucks are actually laughing about something they witnessed (Deep Dark). Think its a game? Think its funny?

Know what I thinks funny? The face your father made on the nut which you were conceived. They are all as guilty as the ones committing the crimes. As are all of you who turn a blind eye to injustice,

a7d73e No.2320614


So what action are YOU taking besides bitching at others.

If you really care. DO something or GTFO

d0a28a No.2320708

Guys I don't want to burst your bubbles, but If I'm a child sacrificing deepstate bad actor hiding a message to a fellow sick fuck in a picture…

I'm not going to make the password real words that someone can guess. Not when my freedom is on the line.

5b0ccb No.2320723

File: 560933c7e4939cc⋯.png (177.02 KB, 1366x768, 683:384, Screenshot (89).png)

Im limited to research these days.

Ever been the victim of Gang Stalking?

Not just a yootoob vid

Like it or not the truth is yours to know.

Like Qs Cockpit photos being pics of the Sver.—get it.

5b0ccb No.2320796


So tell me.

What are YOU doing to contribute?

[[]]ZM []))//\\V y78ijh xdfv

dfe44a No.2320846


Could it be something in the mega meme drop?

b856fa No.2320854

File: bae33cd0cd46538⋯.png (67.67 KB, 313x271, 313:271, img00129090.png)


you made me laugh so hard… oh i know, i fucking know, but i have to try

e6b647 No.2320932






So there are over 8000 false gods mentioned in the bible

if i post a list, can you parse out the names?

It looks easy enough for a coder

list looks like

Name Origin Description

1. A Babylon/ Chaldea A moon goddess

2. A'as Hittite/ Hurrian The god of wisdom

3. A'ra W. Arabia A local god

4. A-a Mespoptomia/ Babylon/ Akkadia/ W. Semitic She was a sun goddess

5. Aa Maakhuer Egypt A lion god of truthful speech

6. Aabit Egypt A goddess of song

7. Aaghu Gugu Cherokee A goddess of the of the dawn

8. Aah Egypt The moon god of Memphis.

9. Aahmes Nefertari Egypt A protector/ punisher of humans elevated to goddesshood

10. Aakuluujjusi Inuit The great creator mother

11. Aasith Egypt/ Syria A goddess of the hunt, war, and the desert

12. Aataentsic Iroquois A goddess

13. Aatxe Basque An evil spirit capable of assuming human form

14. Ab Kin Xoc Maya A god of war

15. Aba khatun Baikal/ Siberia A sea goddess

16. Abaangui Guarani A god whose huge nose became the moon

17. Abaasy Yakut/ Siberia Netherworld beings

18. Abaddon Hebrew/ Christian The chief of the demons of the 7th hierarchy

19. Abandinus Roman/ Celtic/ British A god known only by inscription

20. Abarta Irish A god of the Tuatha De Danann

21. Abassi Efik Creator of the world

22. Abat[t]ur Mandaeans It weighs souls &/ or their deeds

23. Abeguwo Melanesia/ New Guinea A rain goddess

24. Abello/ Abellio Gaul A god of apple trees

25. Abeona Roman She is the goddess guardian of children l

e6b647 No.2320970

or here's the link


e6b647 No.2321001

These sick cock suckers like to name them selves as gods so maybe

e6b647 No.2321034


Probably use excel even

2fe7bf No.2321264


Any of them both a male & a female?

Sarah means Princess with SilverMAN

We've all heard of a drag Queen

10482b No.2321305

Anyone working on the Q Drop Images?

5b0ccb No.2321508

Still with me? c1d589

e6b647 No.2321600

f04913 No.2321613

so… we should proally try to bust a few twitter pics too - wondering if that would help us break the code. if they are all doing it - there must be a set way they give out the password and not just everyone knows it beforehand.

like tom hank's weird number + neptune remark.

have we tried stfd THUO (thou) aecw nkn (d)

*taking all the letters in column order for STAND THE


Or just split it in half and line up that way?


0efd35 No.2321660

Been trying to crack the picture for the last couple days.

I didn't know there was a thread.

Have been using Stegcracker to try multiple dictionaries of brute force attacks.

It seems to like 64 char+ passwords as those are the ones that get actual attempts.

Have been running for 2 days straight now.

Need newer dictionaries with long passwords.

Tried Rockyou, crackstation(failed, file too big), Apnee, all of Sublazer.

Nothing has worked, but the long PW's seem to be making actual attempts.

8f7d32 No.2321761

Another stego detecting tool straight from the f5stego file


8f7d32 No.2321902


From the f5sego readme

Note: this implimentation is not compatible with [original code](https://code.google.com/p/f5-steganography/). It uses different shuffle algorithm and stores meatadata (used coding, data size) in a different way.

Does it matter?

7c73bd No.2321984


Stegcracker is designed to crack file made by Steghide. Steghide used the Least Significant Bit (LSB) method. PixelKnot uses an algo called F5 that works by modifying the non-zero DCT values in a JPEG file. Stegcracker will never crack it. My condolences for your electric bill.

I'm scoping out the feasibility to making a similar tool for the F5 algo. The only way we are going to ever crack this thing is by generating and trying millions or billions of passwords. The Java implementation would be way too slow. It's about one second per test. Thus, someone needs to implement a very efficient minimal test in C. Most of it is pretty straight forward. But PixelKnot uses SecureRandom for the all-important psudo-randomness generator. So I need to make a byte-exact recreation of it's behavior. That's where I'm at. The exact code for the SHA1PRNG algo is surprisingly elusive.

It's going to take a while. I am starting to wonder if it's really that important to see whatever trash talk someone was sending to Q.

A slightly shorter route is to just implement it in Java. It woudn't be as fast but we could get it sooner. There is a LOT that doesn't need to be repeated for each test (extracting the image, Huffman decoding, etc). There is room for several orders of magnitude improvement over hitting the Extract function again and again. However, I'd have to learn Java. Some other codefag could probably do this before I finish reading the Java 101 tutorial. Read a line from STDIN, treat it as the password, decode the first few bytes, then if it's the correct sentinel string print the possible password– else continue at top with the next line from SDTIN.

19914b No.2321986

Have yall tried Illuminati or Illuminati_rulez?

0efd35 No.2322011


stegdetect came back as negative for message

a5ad5f No.2322121


These people are stupid… So, I wouldn't be surprised if the password was something as simple as Donald Trump, or Donald J. Trump.

8f7d32 No.2322151


im thinking logically. If it's a message that has to be read by multiple people with multiple intelligence levels, the password should be something either easy to remember, or if it's a different password each time a hint is given in the text or the picture itself.

5167a0 No.2322238



Bare with me on this one…

So Q’s last 4 posts were the ‘Device test’ posts. The letters following ‘device test’ in the last 3 posts were E, X, & C. EXC is the ticker symbol for Exelon, a (((Rothschild))) company. It’s also a nuclear energy company. Also, these posts were made at 10:51 - 10:53 PM in Moscow’s time zone, when the eclipse of the blood moon was at its full there. It is also a lunar shift from Capricorn to Acquarius, and the solar shift between those two signs is from Capricorn (ends January 19) to Acquarius (Starts January 20). January 20 Trump became President. Q also said REBIRTH, which is what the blood moon represents.

Although there is nothing directly tying the ‘device test’ posts to the SS post, variations from the keywords that can be derived from the paragraph above might be part of the password:




Blood moon







January 20



A very large stretch, but might be worth trying variations or combinations of those keywords and numbers.

5b0ccb No.2322281

Smacked my head about half a day on this thing.

See so many do the same. Lets put that energy

towards something productive. Never know the answer you seek may be inside. Q if its a matter of our safety not to divulge please call me down 30 mins

a7d73e No.2322286


How do you know which one was used to "encrypt"

Have you done the calculation on how long 1 billion seconds really is: 60 (sec) x 60 (min) x 24 (Hours) x 365 (days) = 31,536,000 seconds per year.

1,000,000,000 / 31,536,000 = 31.71 years

Better get some more computers

5167a0 No.2322344

Dailymotion embed. Click thumbnail to play.


Husain has some ties to Exelon too

5b0ccb No.2322396

File: 9724b17c9a46c53⋯.png (866.33 KB, 1920x1080, 16:9, NAM.png)

>>319860 >>2320197

Take photo from Qanon.pub

R-click send to

Compressed zipped folder

open folder w/photo inside

R-click edit copy contents into

rich text document helps a little

Access to Qs hidden drops

Now for the tricky part…

0efd35 No.2322455


I don't, that's where a large part of the problem.

My computer, while running the stegcracker, was doing about 30 tries per second.

I had 8 going at once, so 240 tries per second.

so about 20,000,000 per day, it would take about 50 days with my current usage.

If I used all my threads, it would take less than a month for a billion tries.

c7c18a No.2322652


>Know what I thinks funny?

That little arrow to the left of your name? Funny to me.

c7c18a No.2322691


Dubs confirm. Not just some ties, they own his fake black ass.


Good grab of EXC. Very important topic, but most likely completely OT here for now.

If you start a thread about it, will gladly participate.

EXC not only the power provider for DC and the mid-Atlantic region, but arguably the largest Uranium consumer in the world. That's beaucoup power.

5b0ccb No.2322715


as in ]——O–→


a7d73e No.2322735


Where you getting those1 billion passwords?

What if there are 2 billion?

Tick tock

1bdc14 No.2322743


the silverman pic is just a crosspost from /pol

worry about the qimages, the ones with legit evidence in them, gonna have to bruteforce sarah's use john hte ripper, wordlists, hashcat

try stegbreak if you can find a working version

this is a 25percent slide pretty much

usually passsword hidden in alpha channel or lsb, maybe stegshow will work, just typing in shit is no way to go about it, recon her and her twiter, find out which words she uses the most, subjects talked about etc, like phishing…..

1bdc14 No.2322750



here a list of images i detected to have steg most are f5

a7d73e No.2322913


BY brute force do you really mean "Try lots of guesses: or do you have some supercomputer?

Only the weakest cryto has bee susceptible to brute force in the last 20-25 years.

You been watching too many movies where the genius hacker only need a couple minutes.

Do a simple calculation by talking the full ASCII code exponentiation to the power of the max length of the target password.

try a simpler example 26 letters to the 10 power. That is way low but I think you can see from all the permutations of that small set, what a "brute force" method might entail

hint: 26^10 = 141,167,095,653,376

make the set larger all ASCII characters (upper case, lower case, numbers, symbols etc) and look at max password length - you get the idea

THEN, worry that it may use something other than ASCII (english), like Cyrillic, Japanese, Hebrew, Arabic etc.

About 20 minutes should be enough, ya think?

Lastly consider how idiotic you sound to someone that actually understands crypt, including stenography

BTW what makes you think the password is within the graphic?

That would be dumb, since it could easily be shared separate from the document.

If so you would have to examine the entire (megapixel?) files as a contiuous binary number determine the edge/boundaries of the individual color code 8-bit/24-bit/256-bit etc.

Then you need to examine each group and fine the odd ones that weren't color codes and "hope" the substituted a "character" in place of the bits in the colorcode.

About 1,0000 years would be a good guess on that kind of brute force,

But you wouldn't need any password if you knew the substitution pattern/scheme.

Confused and overwhelmed yet?

b856fa No.2323524

File: 0dacebd90902e54⋯.png (83.67 KB, 192x311, 192:311, img00015170.png)






wow we must be doing something right if those that glow in the dark in here…

why go to the sarah password thread and talk about how impossible it is unless you wanted to discourage anons from finding something

it's only a matter of time before we figure this out

tick tock

b856fa No.2323552

File: 532e149f3500340⋯.png (337.76 KB, 621x384, 207:128, img00021610.png)



would it be something to focus on the string "—-* PK v 1.0 REQUIRES PASSWORD —-*" that pixel knot uses? if we know that is in there somewhere can we use it to find parts of the password?

e6b647 No.2323776

Anyone working this list >>2320932



Over 5000 false gods listed here.

The names they like to give them selves.

31d8be No.2323844

File: be7880f47d2466e⋯.jpg (30.74 KB, 319x413, 319:413, 1532771563425.jpg)


Time line that has occurred between 7/19-7/22

>Hollywood Anon posts lists and names and occurrences on pol

>few hours later james gunn info breaks on pol and floods the interwebs

>mass media panic and twitter start to be deleted

>mass archiving of said twitters with 1000s of big wig Blue checks in serious trouble with horrendous tweets

The tweets all seem to revolve around this inside joke of fucking, rapeing, murdering, eating, and other degenerate satanic acts

>Dan Harmon deletes his tweeter and begins scrubbing social media after bad tweets AND a video of him rapping a rubber baby doll

>a major player in Hollywood posted here after that and thought it was private

He posted his tax return gross income of 327 million for last year…

He was demanding you talk to Admin…

> on July 22 the many threads and I investigations here were SHUT DOWN and blocked and mass people were banned for 2-14 days…

Many refugees in FullFeg

This video is a must!!!



Hollywood is the Royalty of America…

And commit just as much evil as them also

b856fa No.2323986

File: 8c1cdbcfa122d01⋯.jpg (197.38 KB, 1035x1023, 345:341, img10111071.jpg)


> implement it in Java. It woudn't be as fast

surprisingly java is nearly as fast as c, and faster than c++, for this type of thing

>There is a LOT that doesn't need to be repeated for each test (extracting the image, Huffman decoding, etc)

killer ideas, updated PixelUnknot to do exactly that and it is much faster!!!

>I'd have to learn Java

easier than you'd expect…

b856fa No.2324113

File: a9d98cb84333ba7⋯.jpg (45.75 KB, 496x296, 62:37, img10111028.jpg)







brilliant anon! I grabbed the list and ran it, no luck… am running it in all caps and all lower now, we'll see

b856fa No.2324178

File: 816b972b7f80ec8⋯.png (147.47 KB, 670x288, 335:144, ClipboardImage.png)

dd2576 No.2324602

Test xyz

1bdc14 No.2324773

File: e4273d4f2b3d807⋯.png (22.72 KB, 526x134, 263:67, franksghost.png)


its a rot cipher, not too hard, 7 extra bites at beginning of file, you can read most of it if you remove some red and black

i cant be for sure but i see fap, papa, vegas, dead, bass, then mirrored numbers, but theres still noise bytes in there, dont go to any festivals lads…… theres also words like this










i can also see 20 20 we vote dc, and then some shit that looks like a ransom letter for BO but it might just be referring to last president

we have to solve this lads i was wrong, until BO shows up we DO have to solve this wwg1wga, pray for him.

im close but i been at it 36 hours i need sustinance, im still using least significant and most significant bit, what else does that pixel knot program do?

1bdc14 No.2324791


i saw g0d and baal in this as well as in the steg video im still trying to extract so thats gotta be a password of some kind, some combination

dd2576 No.2324875

Second test

dd2576 No.2324893

Okay, finally figured out how to post.

I will always post with the name UT. How do I keep the ID static?

ed5877 No.2324916


Can anyone confirm that this is the decrypted data?

b856fa No.2324926

File: 01cf58a354cfd40⋯.png (164.69 KB, 659x351, 659:351, ClipboardImage.png)




oooh that's not how substring works - that param is the start index - it's not the first 2/3 of the password


if we find the right 1/3 of the password we can confirm there is data in the image!!!

9c314c No.2324935

"you think this is some sort of game?"

no game?

what is it?

would it make more sense to have the password within the img?

…or do a split (message/password)?

9c314c No.2324945


the is one typo


dd2576 No.2324975

I started looking at the Q stuff at the end of February. I worked elsewhere because I was told that it's very hard to work here because it's a hostile environment, so I stayed away until now.

We need to dig into these files with new eyes, folks. Q created that file specifically to let us know that there is steganography in use and that he has sent us info that we haven't found yet.

I will have to go back and find the file that me and some friends were working on, I can't remember the post right now but I'll find the post number and share it soon. Within that photo was another photo AND a large file that had been encrypted with something like PGP. We needed the private password, but didn't have the programming skills to make it happen. The question is how many possible permutations can occur when using 128 bit encryption? I know it's an enormous number, but it could be split into sections and automated by programmers and it seems that some of you folks have that skill set. Anybody interested?

dd2576 No.2325035

If anyone wants to go look for the file that I'm talking about, go to the Q posts starting in February and download them. The file that I'm talking about was 1mb in size and it was a jpg, if memory serves. We found a small gif or jpg in it that was a small Q either white on black or black on white inside the file and the large encrypted file. You will know when you have found the file, because it takes several minutes to download. I thought for sure that you guys had already done this or I would have been here before. The research group that I have been associated with has fallen apart several times now, so much doesn't get done. I hope that this group is different.

dd2576 No.2325057

Question: is there a max number of posts allowed in threads? It seems that once a thread gets to a certain number a new thread is spawned. True?

dd2576 No.2325091

Alrighty then. BBL.

b856fa No.2325105

File: 68f6159f5ad659e⋯.png (85.16 KB, 1224x157, 1224:157, ClipboardImage.png)


we can start by guessing the last 30% of the password

all you need is f5.jar (compiled in 2011) and java


choose a password (trusttheplan = plan)

java -jar ../../Downloads/f5.jar x -p plan -e out.txt Q4example.jpg

and look at out.txt - if it starts with "—-* PK v 1.0 REQUIRES PASSWORD —-*" you have the right last 1/3 of the password

curl https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/f5-steganography/f5.jar –output f5.jar

java -jar f5.jar x -p plan -e out.txt Q4example.jpg

cat out.txt

1bdc14 No.2325171


nice, looks like clown bakers fucked with us, we gotta get orig data

1bdc14 No.2325253


pkzip password, use dd to carve it out

dd if=file bs=startbight size=math-to-last-byte of=extracted zip fle

make sense?

good work anon, a guide would be great so we can unleash everyone on all of them, ill start looking back thru my archives for original images, i made .mht of them all same as german anon

cant tell you how thrilled i am, hey try to sound out that password phonetically, it kinda makes sense if you think like a deviant toes and resing or see sight;ll fucks? why four? enco something….

see what you come up with

ill be back in 8 hours

1bdc14 No.2325263


then after carve out file run cracker on it, i got some nice gpus will make quick work

1bdc14 No.2325273


im so glad you're here man, did i mention that, youre the only one ive come across sof ar who can compile and knows their way around a command line

1bdc14 No.2325293


just thought if we have one wrong image, maybe there is one more, making three versions of it, that would make a 3 part rar/zip archive, volume would be complete!

d2c045 No.2325299


what is your source for the image?

be careful who you follow!

1bdc14 No.2325305


also if the shit in there is illegal as fuck, recompress it with a simple password so that way you're uploading slightly compressed/encrypted data andyour isp doesnt send the feds when the bitstream flys by them

1bdc14 No.2325352


sorry for so many replies that are seperate, am scatterbrained, did you try the 2013 version as well with minor fixes in commit notes?

if youre having trouble might be something to consider, but looks like you are aware of that! ok maximum progress! ill meet you here later or in a similiar named/looking thread if its full

1bdc14 No.2325368


i think he reposted this image from /pol

telling us wed be suprised at what steg is there

there is only q i believe refers to the jfk jr thing, im staying in my expertise which is tech, going for now

5167a0 No.2325814


Here is the new thread URL:


Thank you for your interest.

5167a0 No.2326067


did you ever get a word list / passwords tried list?

dd2576 No.2326068

Okay, I forgot there were other files that had stuff in them too. Go to Post #79. Download the file. There is a .zlib file in it. We couldn't open it. Honestly, all of the files should be downloaded and checked. Our group did not have the skill set that I see here.

227e9d No.2326112

If more want to try, this guide/toolset will help:


5b8087 No.2326152


C#fag from yesterday here, i left my code running over night testing 2/3 Of various passes, no luck. Did you find something ? I used q images that he posted though, not silverman pic since I figured you were working on it.

c4d96e No.2326167


What is the current name of the LGBTQ?????? community, seems like a great password that is constantly changing and easy to find.

dd2576 No.2326176

If memory serves, the steg software used was on an Apple machine. Q posts 89, 98 and 101 have zlib files in them. Going through my list now, more to come…

b856fa No.2326226

File: 987c4865a75468d⋯.png (362.45 KB, 640x480, 4:3, img0004358.png)


was debugging and realized it is actually the last 1/3 of the password!

look at


i'm retrying the suffixes of the wordlist and false god names now

dd2576 No.2326348

Here is the list of images that were in Q posts that we found .zlib files in:





















We stopped looking after that. No sense in finding files that couldn't be opened. I suggest again to download all of the files and recheck, we could have missed some and many more images have been posted since then. Good luck!

e6b647 No.2326398

File: 0fb295af8472e58⋯.jpeg (10 KB, 143x255, 143:255, pedo protectors.jpeg)

Your day is coming!

e6b647 No.2327389


I'm about to join the Air Force National Guard right now. Who cares if I'm 30. Our country needs us!

Try this, An anon posted right after i was asking Q about the password while Q is posting.try as remainder 2/3

or by itself

e6b647 No.2327513



I'm about to join the Air Force National Guard right now. Who cares if I'm 30. Our country needs us!

Try this, An anon posted right after i was asking Q about the password while Q is posting.try as remainder 2/3

or by itself

e6b647 No.2327763

Q and anons

so I guess we're done with the Silverman Password!

You know, because it's been cracked right?

Fucking short attention spans.

b856fa No.2327840

File: c851e39e3ae93fe⋯.png (76.94 KB, 321x272, 321:272, img00041340 (2).png)



still making progress, tried your ideas no luck, sped up pixelunknot getting decent speed, trying suffixes of the wordlists now, cpu is running 100% with ideas

b856fa No.2327887

File: d513a6f2f98c517⋯.png (281.93 KB, 920x359, 920:359, ClipboardImage.png)



finding lots of combinations that return a single -, I think that is encouraging

dd2576 No.2328417

I'd like to speak with C# Anon, if possible. Thanks.

b856fa No.2328825

File: 264e1ad43d3f870⋯.jpg (67.16 KB, 500x489, 500:489, Cat.jpg)

File: f1b40529c2ddf90⋯.png (23.35 KB, 479x326, 479:326, ClipboardImage.png)

more observations:

* PixelKnot only outputs jpg images

* the jpeg decoder is buggy and won't open a lot of jpg (it'll hang at some percent as people are noticing). those images were not encoded with PixelKnot have no data

* from the password it generates a 20 character hash and uses that to seed a random number generator, creates an array from 1 to n and then randomly swaps the numbers in that array. those swapped numbers are the index in the image of where it hides the data

* there is not much entropy in the swapped numbers (Permutation class), many hashes would come up with similar swaps

* pixelknot puts 8 '-' characters in the header of the encoded message

so that means a jpg that f5/pixel(un)knot can open and find many passwords that return a '-' in the decoded text probably has data encoded by PixelKnot!!!

I've sampled cat jpgs from google and half wouldn't open, and others find few '-' solutions.

the silverman pic and the WWGWGA!.jpg from >>94 both have a bunch of '-' solutions

i'm running all the q post texts against WWGWGA!.jpg for a while to see if anything pops out

i don't know though, this random cat picture also has a bunch of '-' solutions using q post texts so maybe i'm barking up the wrong tree

7c73bd No.2328850


Sounds like you are way ahead of me. Can you pastebin your modified Extract.java ?

I saw that PixelUnknot jar you posted. No offense, but I'm not gonna run a large program that I can't verify that was posted in this board.. not with all the fuckery afoot.

e4fe7e No.2328858


Agreed. For all it can be this place has a terrible case of ADD sometimes.

7c73bd No.2328884



What was the password found to be?

e4fe7e No.2328907


>MOS 3D0X2

Godspeed Anon. My nephew has same MOS. We need lots more like you!

b856fa No.2329024

File: 8f47806529a6202⋯.png (211.17 KB, 433x391, 433:391, img00034450.png)


smart, can't blame you, wasn't my jar though from google code archive : https://code.google.com/archive/p/f5-steganography/

>Can you pastebin your modified Extract.java


you can git clone https://github.com/banona/PixelUnknot.git and compile yourself with an ide like eclipse or intellij

b856fa No.2330113

File: 10d9ad3df087372⋯.png (280.65 KB, 815x337, 815:337, ClipboardImage.png)

did some math and this is great

>crunch 1 3 '0123456789!@#$%^&*()-=_+[]{}\|/.,<>?:;~`abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'

>Crunch will now generate the following number of lines: 787241

>787241 lines to catch any password 9 chars or less

> elapsed: 300s, rate: 73 lines/s

> 787241 lines / 73 lines/second = 10,784 seconds = 3 hours

> 3 hours to check every password 9 chars or less

if that doesn't work then to check every 4 chars, which would be any password 12 chars or less

> 71639296 / 73 lines/sec = 11.4 days

that's only on one desktop, split that work up in the aws and one could detect pixelknot encryption and have the last 30% of the password pretty quickly

> lines: 52927 / elapsed: 720s = rate: 73 lines/s

> lines: 57480 / elapsed: 780s = rate: 73 lines/s

> lines: 62061 / elapsed: 840s = rate: 73 lines/s

Tick Tock

0efd35 No.2330157


Opened the file in a HEX editor.

the first part of the file has unusual text in it.

Other pictures I've opened don't have this.






ÿÄ�µ��w�!1AQaq"2B‘¡±Á #3RðbrÑ

$4á%ñ&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz‚ƒ„…†‡ˆ‰Š’“”•–—˜™š¢£¤¥¦§¨©ª²³´µ¶·¸¹ºÂÃÄÅÆÇÈÉÊÒÓÔÕÖ×ØÙÚâãäåæçèéêòóôõö÷øùúÿÚ� ��?

ee8f98 No.2330181


For you I made this: >>2316353

With this snippet you can verify that the code hasn't been tampered too much from the original version. For extra security you can run code in a virtual machine or remotely on some cheap VPS server.

b856fa No.2330308

File: 8afeeb6740bb12b⋯.png (232.33 KB, 621x384, 207:128, img00028930.png)


>some cheap VPS server

please! if anon has compute to spare

this narrows down the problem enough that we can distributed brute force

b856fa No.2330746

File: b060ff2d4bfbe0f⋯.png (4.54 KB, 379x105, 379:105, qgoodbite.PNG)

File: 44b35dddd7bf24a⋯.png (105.13 KB, 295x282, 295:282, img00000010 (2).png)

>;Q: good byte - at 0

>lines: 269462 / elapsed: 3600s = rate: 74 lines/s

first hour down, two more to go to…

7c73bd No.2330928


That cannot possibly be correct. If I counted correctly, you are trying all 3 length combinations of 73 different characters. So it should require 3^73 combinations. That is 6.76x10^34

And the minimum the PixelKnot will allow is 4 chars. That would take one CPU until the heat death of the universe. And any reasonable person would use 10 to 15 chars for something like this.

We need to find or create a program that takes a list of possible word (scraped from that 4chan thread, plus other relevant terms, for example) and numbers up to a few digits and assembles them in various natural language ways. And then with 1337 speak substitute characters. Human beings chose that passphrase. So it's better to look at it as psychology problem than purely a math problem.

But first we need to make the tester as efficient as possible. That's what I'm working on now.

ee8f98 No.2330980


Hereby I'm adding instructions how to run the PixelUnknot code on a Unix/Linux machine, because it happened to be quite difficult for me at first.

First, install packages: maven, java-1.8.0-openjdk-devel, bouncycastle (Red Hat, on Debian packages may be named differently)

Clone the repository, open the directory

Edit file pom.xml: after <build> add <sourceDirectory>src</sourceDirectory>

Execute: mvn package

Execute: java -cp /usr/share/java/bcprov.jar:target/PixelUnknot-1.0-SNAPSHOT.jar q.Main Q4example.jpg passwords.txt

(file bcprov.jar may be in a different location if your distribution is not Red Hat-based. check files in your bouncycastle package)

7c73bd No.2330984


Opps. 73^3. Which is 389017.

But still 10 to 15 chars. 73^10 is 4.29762583×10^18. This approach will take too long.

e6b647 No.2331022


awesome anon!

Your the shiz!

b856fa No.2331057

File: 7110f7b78db31bd⋯.png (235.11 KB, 408x381, 136:127, img00030370.png)


that's what i came up with but crunch made a file with 787241 lines because it includes all 1, 2 and 3 character combination (73 + 73^2 + 73^3)

only need to match the last 1/3 of the password to verify that there is a message - so passwords under 12 characters, we only need to check up to 4 chars. 15 char password is 2 billion or 1 year on my desktop… that isn't going to work, would have to divide that up

anyway, the < 9 char passwords are easy enough

lines: 390636 / elapsed: 5220s = rate: 74 lines/s

7c73bd No.2331140


>only need to match the last 1/3 of the password to verify

You sure?

final F5Random random = new F5Random(password.substring((password.length()/3)*2).getBytes());
Int-divide by 3, times 2. Unless Java does some weird string math thing I don't understand it, it should be 2/3rds of the password.

ee8f98 No.2331144


This isn't the correct image. PixelUnknot crashes on this one.

This one is correct: https://i.4pcdn.org/pol/1532237608528.jpg as referenced by >>2304030

SHA1SUM: f1335a1095a3ae15094e0a09e1cb83e5679dda26

b856fa No.2331186

File: 2c837b895de2bf6⋯.png (12.28 KB, 836x200, 209:50, substring.PNG)


yeah the param is the start of the substring and returns the rest, so it's starting a 2/3 of the way through

e6b647 No.2331266



That is interesting

I can make a little sense of it but i haven't coded for over a decade. One thing Iv'e learned is coding aint like riding a bike. If you fall off, it's hard to keep up. Atleast for me it is.

I'm brushing up but you guys have me beat by miles.

I wish I could help. I do have a couple of friends (web masters) that may be able to yield resources for a short time that would probably be up for lending a machine or two if needed.

Ill send them here if they are up for it.

7c73bd No.2331291


Ohhhhh… that explains why it I didn't for for me as quite I expected when I was tinkering with using the original F5 algo to decode test images.

Then it looks like your approach my be indeed be feasible.

b856fa No.2331312

File: 610d82ad66d7864⋯.jpg (56.17 KB, 318x398, 159:199, img702006.jpg)



more maths… my desktop has 32 core, so 2.3 lines per core per second

aws spot instances can get 72 core for $0.62/hr, which is 596,160 lines

4 letters - 71,639,296 combination would cost $74 to for password 12 or less long

5 letters - 2 billion combination would cost $2079 for passwords 15 or less

any richfags want to get this solved?

e6b647 No.2331316


I wonder what would happen if you open it in gimp or photo shop and rename to jpeg or export it

Jpeg for pixelnot

0efd35 No.2331351


it would corrupt the data

e6b647 No.2331362

File: fabd30ac56bac00⋯.jpg (139.03 KB, 723x1154, 723:1154, 3930a76b2028bf79781986862c….jpg)


this should be original

ee8f98 No.2331367


The example file included matches just "plan". I would kind of want to optimize the PixelUnknot source code.

diff –git a/src/q/Main.java b/src/q/Main.java

index 9954f97..ab94435 100644

— a/src/q/Main.java

+++ b/src/q/Main.java

@@ -132,14 +132,14 @@ public class Main {

Files.readAllLines(filePath, StandardCharsets.ISO_8859_1)


.forEach(line -> {

- for (int j = 0; j<line.length() - 2; j++) {

- String l = line.substring(j);

+ //for (int j = 0; j<line.length() - 2; j++) {

+ //String l = line.substring(j);

// System.out.println("trying " + l);

- int res = extract(coeff, l);

+ int res = extract(coeff, line);

if (res == 1) {



- }

+ //}




What has changed? Now, our password file contains only the 1/3 suffixes, for example "plan" and so we check only "plan", before that optimization, for a line "trusttheplan" in the password file we would check "n", "an", "lan", "plan", …, "rusttheplan". The problem is, that with the original code suffixes like "a", "b", "c" get checked too often.

I'm now trying all strings of a form [a-z]{4}.

e6b647 No.2331378


yeah and i just realized it's already jpeg

6cbe57 No.2331383


google search "naked nudists" and start clicking on sites and they will lead you to much child porn. then you can report all you see! click on main sites then start clicking away. click enough times and you will make it to real sick child porn. please bust all these urls! together we can eliminate them all!

ee8f98 No.2331417


Are we checking the image Q uploaded, or the image "Sarahposter" uploaded at 4chan? I'm checking the second one.

0efd35 No.2331449


should be the halfchan image.

message was in that one.

might be a return message in the one Q posted.

both need looked into

e6b647 No.2331454

File: 840e56f8babf0c9⋯.jpg (148.63 KB, 723x1154, 723:1154, SSHGQQ.jpg)


My bad

This is the original

e6b647 No.2331466


sorry, yeah thats the one i just posted from 8 chn

Q post

ee8f98 No.2331537


This is the Q-original.

SHA1SUM: 4cfbe7be8d8dd07dcb298fda493b80947db5c91e

This one isn't: >>2331454

Picrel is the "Sarahposter"-original. Should be:

SHA1SUM: f1335a1095a3ae15094e0a09e1cb83e5679dda26

ee8f98 No.2331555


Forgot the picrel. It's in this post actually: >>2301393

0efd35 No.2331580




e6b647 No.2331606


Glad someone knows what their talking about!

My bad!

My bad!

My bad!

I guess I did my part here muddy the waters.

Ill FK off now lolz!

ee8f98 No.2331682

File: 2c1efa6ceef7e02⋯.jpg (58.71 KB, 640x480, 4:3, test.jpg)

File: d695fab6d2dc8fd⋯.png (26.76 KB, 640x480, 4:3, test.png)

File: 286e0495d8feaa3⋯.png (85.47 KB, 640x480, 4:3, test2.png)


Yes, we should use SHA256 as it's what 8chan uses for filenames.


This is the "Sarahposter"-original.


This is Q-original

Incidentally, the original Q image is named:


So let's do an experiment: does 8chan rewrite images upon upload. The images I will upload now should have the following SHA256 checksums:

286e0495d8feaa363a2060471064e41662cdeea6e53c023cca89dfb2a0e57c0f test2.png

2c1efa6ceef7e02ece13f538b1234b4cc52d09cad3b471994037f417d7bd5872 test.jpg

d695fab6d2dc8fd1417723a014712925a99fbd1beafa1aec08fd71aed8c0f7bb test.png

If they don't match, they got rewritten on the fly.

0efd35 No.2331713


only tested test2.png



ee8f98 No.2331785

File: 886094e3f5ddc2a⋯.png (26.35 KB, 640x480, 4:3, 286e0495d8feaa363a20604710….png)

File: 874087581dc97a9⋯.jpg (54.57 KB, 640x480, 4:3, 2c1efa6ceef7e02ece13f538b1….jpg)


Incorrect. They got rewritten:

886094e3f5ddc2aeab88c295b7d9b5529272af8a271bff1068d1734612d28f15 286e0495d8feaa363a2060471064e41662cdeea6e53c023cca89dfb2a0e57c0f.png

874087581dc97a9f447bb4f8aef9d72d8d1d6817b25bbee1b2f45b78a416caa4 2c1efa6ceef7e02ece13f538b1234b4cc52d09cad3b471994037f417d7bd5872.jpg

886094e3f5ddc2aeab88c295b7d9b5529272af8a271bff1068d1734612d28f15 d695fab6d2dc8fd1417723a014712925a99fbd1beafa1aec08fd71aed8c0f7bb.png

test2.png was constructed by appending some data (that happen to be test.jpg) to test.png. 8chan dropped the extra data, so test.png equals to test2.png. What if I upload them again?

ee8f98 No.2331819


They are intact now. So I guess 8chan drops metadata, but after they are rewritten by 8chan and reuploaded, they stay intact.

0efd35 No.2331831


I got the SS pic directly from 4chan

e6b647 No.2331878

File: 164baf3051a97f1⋯.png (55.92 KB, 920x603, 920:603, gematria calc.png)

Here's file name in gematria calc.

e6b647 No.2332004

File: df96e85f553b2d3⋯.jpeg (7.85 KB, 159x159, 1:1, dunce.jpeg)


ok I c now that's the program

e6b647<<< wearing dunce cap

ee8f98 No.2332051

File: 3930a76b2028bf7⋯.jpg (152.88 KB, 723x1154, 723:1154, 3930a76b2028bf79781986862c….jpg)


Ok, I tried downloading with the "download with an original filename" link and it's how you can ensure you will download the original file and not a rewritten one (not really - I don't know how it works).

This is the original Q checksum, as denoted by the filename:


I managed to download the original, but I can't recreate it anymore. Pic related, you may have some luck clicking on the (h), (u) buttons.

Not that we should focus on this image, but on the "Sarahposter"-original. Just be aware, that 8chan rewrites images.

2ba532 No.2332171

File: a5376eb8d683e83⋯.png (10.67 KB, 410x219, 410:219, ClipboardImage.png)

File: 824112c4acc0e05⋯.png (10.65 KB, 412x219, 412:219, ClipboardImage.png)


8ch sometimes rewrites pngs because lossless compression but afaik does not re-write jpegs

ee8f98 No.2332232


Ok, I know now. This is how you can download the Q-original image:


Make sure it's random, so you don't get the modified 840e56f8babf0c9d8292f73d7ca34f00dfbb741c338aed0859a7ca80590eca80 file.


It rewrites both, but not on the first access.

e6b647 No.2332279

File: 763329da3201f56⋯.png (15.59 KB, 236x255, 236:255, 40687c1b9d6e78a85ae7e77d6f….png)


So if John podesta and stephen colbert are best buds.

maybe it's from Colbert password related





But you probably already went down this road

2ba532 No.2332344

File: 7abc7d5d140ad9e⋯.png (206.94 KB, 1000x623, 1000:623, (h).png)


>It rewrites both, but not on the first access.

No. My checksums match the originals.

Use the (h) links to ensure you got the original file.

0efd35 No.2332368


make sure you click on the image, then save image as.

otherwise if you just click save image as, it saves the thumbnail small version.

ee8f98 No.2332408


Yes anon, you are right. Your image in >>2301393 is actually correct, just make sure to check the checksum later on. For reference, it's: 5a7f006bc6398e644ec960d83a9e36f04be80e96bb4a48082d18042fe55993cd . I didn't intend to muddy the waters, but I actually did. But at least make sure to check the SHA256 checksum before trying to crack. Use this method for best results in downloading the original file: >>2332232 or download from 4plebs: https://i.4pcdn.org/pol/1532237608528.jpg

2ba532 No.2332416

File: 7405dd51fcf2490⋯.png (303.07 KB, 1060x1002, 530:501, Proof.png)


I got the right files bro



53e319 No.2332419





Archive of original image post and thread


53e319 No.2332459




ee8f98 No.2332545

File: e6f7565d504aa31⋯.png (107.72 KB, 1277x453, 1277:453, INSTR.png)



You are both wrong, unfortunately. See pic related. You need to get a random link as described here: >>2332232


You got the right files because you were the first to download them. See pic related. If you try to download them now, they will be cut. But I think we don't need to derail the thread more, I will report the issue on /sudo/ in a moment.

ee8f98 No.2332679


Ty anon, I can confirm the sha256 checksum of the file still served by 4chan on https://is2.4chan.org/pol/1532237608528.jpg to be 5a7f006bc6398e644ec960d83a9e36f04be80e96bb4a48082d18042fe55993cd as expected.

125354 No.2332716


Not necessary. If this message was directed at Q team, they must know NSA is backing them up. NSA can crack encyption like this instantly so they don't have to make it too easy.

b856fa No.2332718

File: 506a048e016d2b3⋯.png (98.7 KB, 312x297, 104:99, img00068250.png)



3 letter permutations complete, nothing there - password must be longer than 9 chars

back to trying password suffixes

2ba532 No.2332748

File: 06470f4b494b13f⋯.png (56.9 KB, 1262x740, 631:370, Tryagain.png)


No… This is not an 8chan issue. Your browser/ISP caching the images is your issue. Downloaded the file two more times just to check.

182eda No.2332809

I got some results with 'fake'

182eda No.2332850


Looks like gibberish. Nevermind.

ee8f98 No.2332904


I repeated my results from another ISP (HTTPS hijacking? That would be interesting). For the record, changing from curl to wget did not trigger getting the original file. You don't look like a Tor user though, so I don't really know where's the culprit.



I checked it out and yeah, that's not a result.

ee8f98 No.2333474


Nice find. I stumbled across the same now. I found 3 files in my research that have this "CDEFGHIJSTUV…" string.

First one is Q4example.jpg (OP's image)

Second one is 5a7f006bc6398e644ec960d83a9e36f04be80e96bb4a48082d18042fe55993cd (SS image)

Third one… is 3930a76b2028bf79781986862c68c6bfd3e36bd727f7c2dd8e14c5cc702aae34 (Q's image)

It probably means that all 3 were generated with the same image generation library. Which could be the Java generation library. And that could mean, that while we know that the first one has some obfuscated data… Q tells us the second has as well… But he himself probably embedded a message too :) Or not. Just make sure you get the rare original file.

7c73bd No.2333595


What kind of speed are you getting?

I'm trying to optimize this code. I'm only getting about 200 per minute. And I can't think of any obvious way to optimize the Permutation part. But I'm going to keep thinking about it.

I assume you are generating a list with Crunch in the same method you posted above but with 4 chars. I'll do the same and start from the other end of the list.

e6b647 No.2334025


How would a coder block out a note within this code language? You know like when he leaves a note to himself and needs it to be mute to the program itself?

Something looks fishy but not sure.

is it worth noting that the letters and numbers missing from 456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz

123 ABKLMNOPQRabklmnopqr

is missing

and from 56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz


is missing

I understand that there's an equation involved but to my limited knowledge it almost looks like none of it is seen by the program or maybe part of it.

7c73bd No.2334176



Better idea.

Many of these characters are awkward to produce from a phone keyboard or are simply not what a human picking a password would use. How many people are going to stick curly brackets in a passphrase? I wouldn't even use parentheses. So I suggest shortening the symbol set to "!@#%&-_+*? ". And don't forget 'space'. It's likely to turn up in passphrases.

For devision of labor let's generate a set of chunks the same way and attack it a few at a time. I generated them with,

crunch 4 4 "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890!@#%&-_+*? "
split -n 20 passwords4.txt passwords4.txt.

I've started with the first four, chunks aa through ad.

2188ca No.2335506


I think C# Anon is going to have an issue with SecureRandom(). They won't be the same on .NET vs. JAVA, I'm running into this issue as I'm porting the JAVA code to JS.

I can call JAVA code from JS, but I want all this to run client side browser.

2188ca No.2335545


Actually, if people are using different OS other than Android for trying passwords it probably won't work correctly.

7c73bd No.2335715


I generated test images with known passwords in the Android app and then tested them on my Linux machine. It works. There is apparently no reason for SecureRandom to deviate from the default SHA1PRNG algo, at least not in this case. But I suspect that SecureRandom going out and grabbing other sources of entropy is why the app often fails to decode it own output. The app's creator should have rolled their own PRNG. It would have been trivially easy.

2188ca No.2335793


I think there was a change in Jellybean 4.3, where the underlying SecureRandom was changed. If this is the case, if the image F5'd with pre 4.3, it may not work correctly 4.3 and greater. I'm guessing these people are using burner phones for all this.

What a mess, and we probably don't know if Q uses f5, but I think iOS is used.

7c73bd No.2336001

File: 479d3f7dee0a4bd⋯.jpg (125.95 KB, 720x1280, 9:16, testtesttest.jpg)

File: 4fa007ae1a87570⋯.pdf (28.77 KB, BruteCrackPK.java.pdf)

File: 78e82703af9899e⋯.pdf (28.95 KB, BruteCrackPK_fullpassword.….pdf)

Anons in the General thread are talking about this. So here is the method I'm using right now.

I'm not using the PixelUnknot tool written by [b856fa]. There is too much code for me to read through to verify that he's not a shill trying fuck with me. So I grabbed the original F5 algo that was rolled into F5Android and then into PixelKnot. Then I heavily modified Extract,java (PDF related).

1. Install Java. OpenJDK on Linux works. Don't know about Windows.

2. Download F5-steganography-master.zip



Unpack it.

3. Copy and paste the PDF into a file called BruteCrackPK.java. Save it right next to Embed and Extract.

4. Compile the it with "javac BruteCrackPK.java"

5. Generate a bunch of passwords. See


for an example. Feel free to jumble together any set of relevant words and variations.

6. BruteCrackPK is setup to take the wordlist from standard input. I wanted to be able to eliminate filesystem overhead between Crunch and it. That was before I realized how much work it has to do internally for each test. Turns out fs overhead is comparatively trivial. By anyway, run it with something like,

java BruteCrackPK imagefilename.jpg < passwordlist.txt

7. Wait. Maybe a long time.

The other attached image is encoded with the password "testtesttest". This program should produce a hit with "test". Only the last third of any password is crackable with this technique (it's only possible because of a design goof by PixelKnot's author). The hope is that if we can get the last third it will provide enough of a clue that we can guess the rest, or at least greatly reduce the search space for the next phase.

8. (Optional, inefficient) You can also feed full-length passwords into the class in the other PDF file. But be aware of false positives. The image will hit on "blahblahtest" as well as the correct password. Save as "BruteCrackPH_fullpassword.java"

7c73bd No.2336031


9. Multithreading to take advantage of multiple cores can be done be splitting the wordlist into chunks and running multiple instances of the cracker.

Eh' good 'nuff.

2188ca No.2336057


We should probably consider using this impl:


I hope that this will eliminate some concerns in regards to Android versions of these pedos.

2188ca No.2336071


At least this would use the same impl on Android vs. Linux.

f17d5c No.2336293

File: 88d285b8beb6cbb⋯.jpg (180.2 KB, 1080x1080, 1:1, 29714798_380070935801296_5….jpg)






We need to be working on ALL pictures from Q and (((them))). Q confirmed it. Once we get one… it will cause a HUGE stir. ALL the photos are out there… another reason why we have to store offline… and "we have more than we know"

Someone please try on this picture:



f17d5c No.2336304


and please try:


7c73bd No.2336510


The vast majority of the original pics from Q are in PNG format. The stegano technique used by PixelKnot is for JPEGs exclusively. If you can assemble a list of URLs for all JPEG images Q has posted than I'll be happy pull them down and test for any passphrases you suggest (eg: "WWEG1WGA").

Robots, canonical, nor manifest work. In fact, we think we've already ruled out all password of 9 chars or shorter.

And that is a strange image. The F5 decoder stalls when I try to examine it. I get the message "Nf weder 1 noch 3". This appears to be an error message (in german, "Nf neither 1 nor 3") coming from HuffmanDecode.java. I should have been in bed 4 hours ago. So I'll let some other codefag determine the significance for that and if it's something we need to be concerned about.

ca6a33 No.2336523


Q can't prove they're on the inside, the same way they can't actually do any good with the info they release

Look, if you're allowed to post riddles and gibberish and self promoting crap, but if you post anything that might actually produce results you get killed, then what is actually going on here ? Qanon can't be real, Trump can't be real because it's dangerous ? How do you ever make it not-dangerous ? Wait 100 years ? But what ? I thought these people were sick and they wouldn't be able to walk down the street ? Haven't you had Weiners laptop since 2016 ? Isn't there some "we got the server" report coming in once a week or something ? That's a lot of servers, how many is needed ?

Just more cognitive dissonance ? So the MSM will never report the truth, so it's ok for the only inside truth the people get is from a assholish star trek character on an online mesageboard and in riddles without proper explanation ?

I can understand if someone is working hard and doing their best, but I think it's fair to say that if this level of communication is deemed enough, then there may be some misconceptions about the relationship and where it's headed

7c73bd No.2336698

File: ff93c86f0808f47⋯.pdf (28.81 KB, BruteCrackPK.java.pdf)

File: 47100f283e98d50⋯.pdf (28.97 KB, BruteCrackPK_fullpassword.….pdf)


It just occurred to me that most of you guys are going to want some kind of progress indication and for it to quit if it finds a match.

Added. Updated PDFs related

54da36 No.2337999

File: 137cafca353c160⋯.png (118.08 KB, 607x713, 607:713, DOI_Table_1.png)

File: d79d5d88dddc3e8⋯.png (50.08 KB, 468x322, 234:161, Q#1700_DOI.png)




In 1885 James B. Ward of Virginia published a pamphlet describing a fabulous treasure buried by an explorer named Thomas Jefferson Beale in Bedford County, Virginia, over 60 years earlier. The location, contents, and intended beneficiaries of the treasure were concealed in three separate ciphers.

Ward claimed to have broken the second cipher (B2), describing the contents, and found it to be a book cipher based on the Declaration of Independence (DOI).

The words of the DOI were numbered consecutively, and each plaintext letter was replaced with the number of a word in the DOI beginning with that letter.

The details of the encryption are discussed exhaustively by Dr. Carl Hammer [1], The initials of words in the DOI are given in Table 1.

54da36 No.2338119

File: e618dbd553d59e1⋯.jpg (110.74 KB, 628x504, 157:126, Kryptos 2.jpg)



James J. Gillogly (born 5 March 1946) is an American computer scientist and cryptographer.

Gillogly worked as a computer scientist at RAND, specializing in system design and development, and computer security. He has written several articles about technology and cryptography, is currently the editor of the "Cipher Exchange" column for The Cryptogram, and was president of the American Cryptogram Association.

He is best known for his work solving or debunking some of the world's most famous unsolved codes. In 1980 he wrote a paper on unusual strings in the Beale Ciphers, and he received international media attention for being the first person to publicly solve parts 1-3 on the CIA's Kryptos sculpture in 1999.

54da36 No.2338313


>Can someone with Wireshark or another packet sniffer confirm any odd network activity from the app?

> app hasn't been updated since Feb 2017, so whatever that user found is still programmed in the app.

Please. Could be important, especially to those using it.

>My hope is that traffic was transferred to a white hat server

Along with all the passwords. Message within a message from Q?

54da36 No.2338539

File: 81720b31d19941e⋯.png (124.59 KB, 1123x562, 1123:562, OWL.wiki.png)

e6b647 No.2338607

YouTube embed. Click thumbnail to play.

Hope this helps

e6b647 No.2338683


Another clown exposed!

3112b6 No.2339732


Have you tried the Q hashes?

e6b647 No.2341600


This was posted 17 min after Q's first post today.


He may have sent help!

b856fa No.2341663

File: 5730f0d718dea02⋯.png (14.96 KB, 481x156, 37:12, ClipboardImage.png)

File: 4bb71f4bf7366d9⋯.png (151.65 KB, 478x377, 478:377, img00032290.png)




the f5Android jar uses sun's SecureRandom, and the f5 jar on the google website is able to decode PixelKnot encoded so I think we're using the right one



smart! I get 76 passwords a second so each chunk will take about 5 hours - I'll take aq, ar, as, and at


this is great, can you put your code on pastebin or something i don't open pdfs

7c73bd No.2341888


You must have a monster of a machine! I haven't had a need to upgrade my AMD Phemon II in 10 years. So I'm getting about 230 per minute x4 processes (about 15 per second). Time to upgrade to at high-end Ryzen.





I made some optimizations for quick return as soon as it has enough to rule out a given password. But they didn't speed it up that much. It looks like >95% of the time is spend calling SecureRandom and its internal SHA1 based PRNG 1.8million times before it can decode the first byte. There is not a lot I can do to speed that up.

b856fa No.2342141

File: 6da6eb86d252eac⋯.png (301.57 KB, 428x460, 107:115, partial-rtyu.PNG)

it's probably nothing

looking at partial matches (passwords that extracted two – at the start see pic), these shouldn't be close to real password as secure random does SHA hash so small changes make big change to the random.. but looking through the list this one stood out to me:

he few the proud

tried extract with f5.jar with that password and it crashes my computer, done it twice now

java -jar f5.jar x -p 'he few the proud' -e msg.txt 1532237608528.jpg

looking over the code and I can't think of any reason why and the partial marine slogan is a creepy coincidence

b856fa No.2342377

File: 256a4f2ff4d1dba⋯.png (14.47 KB, 643x103, 643:103, ClipboardImage.png)


PixelUnknot doesn't crash on it, just a partial match… hmm

other observation is that none of the 1-3 letter combinations i did ever produced output with two leading '–' in it


great code, the only other optimization i did was in Permutation to cache result of the initial shuffled list (it starts with sequential array of 178k integers) so it can memcpy the array

all the work is in SHA hash of the password and shuffling that array, can't think of any good way to shortcut that

e6b647 No.2342511

File: f103b8a45d4207d⋯.png (123.16 KB, 1920x1080, 16:9, todays post 17 min Q.png)

b856fa No.2342696




ran all the lines from all qposts and all the ideas posted in this thread

are there more hashes somewhere?

408959 No.2342792


The few the Proud the Marine Corps

c2f389 No.2342867

File: c2395479ff998f0⋯.png (89.37 KB, 720x1280, 9:16, Screenshot_2018-07-29-13-5….png)

I found some Java software for "F5 stegnography" and ran a script to invoke it with every lowercase English word in a file "enable1.txt" but found no matches. Not confident of doing it right and trying a 2nd time.

9c664b No.2343179

File: d8a6712ae2f98a5⋯.png (2.93 KB, 256x256, 1:1, QTrustThePlan.png)

File: f04aa313be8edd9⋯.png (2.92 KB, 256x256, 1:1, Qqanon(1).png)

File: 5239f3873a4ad4e⋯.png (2.93 KB, 256x256, 1:1, QQanon.png)

File: 37a6b49441d5f68⋯.png (3.12 KB, 256x256, 1:1, Qnopass.png)

File: e0d6954b1009dd2⋯.png (1.57 KB, 256x256, 1:1, 18b32b1e6d1073d9138b01800d….png)

Trying something out here. Going to take the original file and several with messages with and without passwords to compare them in a hex editor to try and find any patterns. To those of you with the hardware to brute force, thank you for I don't have much to work with.

passwords: (none), Qanon, qanon, TrustThePlan

2188ca No.2343352

Either I don't have the correct image, but I don't think that SS image has anything in it.

I ran this against jumping comey image >>2336293 and it detected stego.

b856fa No.2344149

File: 06fca008f876c3d⋯.png (162.06 KB, 662x320, 331:160, ClipboardImage.png)





q drop filenames look juicy, here's a list of them if anybody wants to try them on q images


e6b647 No.2344334


So disregard the MOS 3DOX2

I think the anon that posted it originally verified it was him, And therefore meaningless.

He let me know it too. lol!

He may be back to check my spelling here. Better watch my P's and Q's.

b856fa No.2344586

File: 8d6eac810c9f78d⋯.png (300.16 KB, 519x492, 173:164, ClipboardImage.png)




produces a file 92 bytes with 3 — at the start and one in the end, about the right size for a message

not saying that is close to the password but that is close to a decoded message

2188ca No.2344637


Am I missing something? Why are people using PNG's for f5?

7c73bd No.2344703


I just get garbage.

java Extract -p "0+CE"-e 1532237608528.jpg 
Huffman decoding starts
Permutation starts
1843200 indices shuffled
Extraction starts
Length of embedded file: 2951877 bytes
(1, 255, 8) code used
Incomplete file: only 297 of 2951877 bytes extracted

b856fa No.2344904

File: 4cb0394c9d4c83c⋯.png (501.47 KB, 640x480, 4:3, img0003608.png)


uh oh wonder if something is wrong, PixelUnknot and f5.jar produce the same results for me

java -jar f5.jar x -p 0+CE -e msg.txt 1532237608528.jpg

Huffman decoding starts

Permutation starts

1843200 indices shuffled

Extraction starts

Length of embedded file: 4947636 bytes

(1, 1023, 10) code used

Incomplete file: only 92 of 4947636 bytes extracted

7c73bd No.2345053

File: 479d3f7dee0a4bd⋯.jpg (125.95 KB, 720x1280, 9:16, testtesttest.jpg)


Hmm. When I use f5.jar I still get the same results as with calling Extract directly.

You get consistent results both ways on your matching and I get different consistent results on mine. This shouldn't happen.

Have you tested images created with the app with known passwords? Does this image decode with "test" for you? (pic related).

Maybe there is some little variation in SecureRandom. I'm using OpenJDK 8. This probably shares much of its codebase with the Android version.

7c73bd No.2345066


*on Linux.

9c664b No.2345073

File: ec0f6f421ab077f⋯.png (174.45 KB, 1245x484, 1245:484, ShiposterSteg.png)

The shill shitposters are chatting right beneath our noses

b856fa No.2345181

File: 3f3d352feec166b⋯.png (12.29 KB, 486x129, 162:43, ClipboardImage.png)


yeah they both work with that and the Q4example and another test image an anon posted (Boom?)

here are some other passwords that decrypt with leading – but are junk after




182eda No.2345191


I get the dashes with f5.jar


for me it says it decodes fine. contents are this though:

>—-* PK v 1.0 REQUIRES PASSWORD —-*[random giberish here]


is it steg or just part of the header for a color profile or some shit? It's been a while since I looked at the jpg file format.

b856fa No.2345204



maybe your double quotes getting sent as part of the param?

9924f4 No.2345222

>>2345119 (lb)

I've decided to cancel my Fox subscription, too many cabal apologists and liars to endure (including endless commercials). Hannity, Tucker, Ingraham and Judge Jeanine can be viewed online.

9c664b No.2345257


I think it's a steg signature, its been noted before and it's in all of the one's I've generated not found in the original image




7c73bd No.2345468


No, quotes are not being set. If that were true "test" wouldn't work. It behaves that same way from a file as from a command line arg. And none of those strings produce anything for me but garbage on either the SS image or the test image.

That is exactly what testtesttest.jpg is supposed to decode to. PixelKnot stores the messages as base64 encoded AES encrypted blobs. This is not part of the F5 system.

One would expect 1-in-65536 bad decodes to start with two "-" chars by chance. If we are testing millions of passwords then a few that start with "- -" is not surprising. That's why BruteCrack doesn't go ding! until it sees 20 chars of matching sentinel string.

But even if PixelUnknot is simply not testing far enough it wouldn't explain why you would see valid message using F5.jar and I don't.

Very very strange.

2188ca No.2345670

Comments like this are concerning…



2188ca No.2345700


So I think it's going to be an uphill climb given that we don't know what version of Android the OG images were created with.

I think burner phones are pretty much a given, and with that in mind we mind have lower version of Android (typical with cheap phones).

2188ca No.2345735



7c73bd No.2345741


Actually.. if you are implementing that same size filter I am it would skip the vast majority before it got to that stage. Very few 32bit random integers will be between 96 and 2000, roughly 1-in-2.3million. That times 65536… and it's an eyebrow raising coincidence.

14968d No.2345742


One way they communicate is with color and as we already know symbolism. Please read Alan's story and learn https://twitter.com/watkins_2

b856fa No.2345784

File: 07142ff21a9d8af⋯.png (691.93 KB, 1280x790, 128:79, ClipboardImage.png)



OMG you are brilliant - not exactly correct but still brilliant - look at the code for f5Android on the left… it doesn't add the JFIF tag to the image!!!



they start with the hex bytes

FF D8 FF DB 00 84


the silverman picture is not a pixelknot image

182eda No.2345864


After a quick look, paint.net adds that same signature when I save images, photo shop doesn't. So, it might be a paint.net thing or whatever lib it uses for images. I will look more into it and see what part of the header that actually is. But for now, assume that it's nothing.

7c73bd No.2345936



PixelKnot images do not contain JFIF headers. And if the previous image had them they are not kept.

2188ca No.2345938


WOW, this is great…

I was right about the SS image then.

BTW - I was using a tool called autosteg, which uses the same F5 lib, and will encode a folder of images with a given password. The one thing it will do is detect F5, it didn't detect F5, but it did detect it for the jumping comey pic.

One thing that's concerning that gets back what I just recently said, I built PixelKnot app, and encoded my own image, and it didn't detect it, but it does have the JFIF tag in the image. I need to dig some more on why that is.

2188ca No.2345998


I got it wrong then, so if it's JFIF it's a normal image, and it's been PK'd then it's gone.

7c73bd No.2346017


Appears so.

Normal images can have a Exif tag instead. A quick look around turns up a few of those, usually for high rez images directly from cameras.

182eda No.2346032




I believe if you use exiftool to remove metadata it strips the JFIF header as well.

2188ca No.2346130


Comey pic has JFIF though.

b856fa No.2346134

File: a50b7cf15e06240⋯.jpg (79.88 KB, 512x512, 1:1, img702012.jpg)

python script to detect if a jpg was written by pixelknot


2ba532 No.2346148


Do you have that jumping comey pic, anon?

2188ca No.2346152

File: 7c2d2a079e10ca0⋯.jpeg (177.84 KB, 1080x1080, 1:1, 88d285b8beb6cbbe9298af547….jpeg)

2ba532 No.2346187


Thanks anon. Doesn't seem to have the PixelKnot header. If anyone comes across one please post.

d34037 No.2346188


My battery died around 75% through the wordlist, even though most the number crunching was on a remote server. The software I was using goes into an extremely slow decode process when using correct password on test images other anons posted. Therefore you can tell if a password wasn't rejected immediately.

Instead of general vocabulary trials we should compile list of more probable passwords. The vocabulary of Q posts (including image file names) is one start. The vocabulary of the original 4Chan post likewise. Newspaper quotes could be a lead too. It should try one word at a time, then 2 following words at a time, 3 words in a row at a time all from the text corpus…

I don't understand the F5 algorithm but if wrong passwords are rejected quickly most the time then a timing attack could guide the crack, maybe. But almost all trials quit early anyways.

7c73bd No.2346356


I'l already at work scanning my entire offline backup of Q General. :)


rm with_tag.txt
rm without_tag.txt

for filename in $(cat $list) ; do
echo -n $filename
echo -n " "
head -c 20 $prefix$filename | grep "JFIF\|Exif" > /dev/null
if [ $? -eq 0 ] ; then
echo "Yes"
echo $filename >> with_tag_list.txt
echo "No"
echo $filename >> without_tag.list.txt

60a619 No.2346371


You have the date wrong. Its not 2018 there is no sunday july 21 in 2018. It would be 2013 or 2019 and so on every 6 years in either directions.

e6b647 No.2346408

Future topic.






































ACTIVATE CODE: [0 0000 018739 7-ZjG]



Q !CbboFOtcZs No.105 📁

Jun 12 2018 15:20:02 (EST)



CZTA68-KDHG-[ t]



Q !CbboFOtcZs No.106 📁

Jun 12 2018 15:55:46 (EST)





























Jeremiah 29:11



_CONF_AW-CjF78-82(Z 00:00)_


Good Hunting!


e6b647 No.2346522




[ C P 19]

Show the World Our Power.





P_pers: Public (not private).



21_[ f ]_SEQ1239





1 _y




NAT_SEC_A,H,H, L, B, E, classified Cdg-23k




JUSTICE_FED_J[1-4]_remove + appellate


Trip code on 4 working.


We don't like to say his name.


Trip code on 4 working.


We don't like to say his name.



b856fa No.2346540


download all jpeg from a 4chan/pol thread

wget -P pictures -nd -r -l 1 -H -D is2.4chan.org -A jpg,jpeg https://boards.4chan.org/pol/thread/<ID>

loop over using detect.py https://pastebin.com/eszXC1yb

for F in pictures/*; do python detect.py $F; done

happy hunting

23eddd No.2346641

File: 3b51fbf8b6a2597⋯.jpg (28.1 KB, 500x337, 500:337, pixelknot test image.jpg)


I was trying to find a test image so I can see if programs/code I'm trying to get working on my desktop is compatible. Your image doesn't work for me. Pixelknot is stuck on 10% "Fetching your message".

I made a test image with Pixelknot (pic related). The password is "test".

e6b647 No.2346649



Tried to go through all the Q post but there's just way to much. I don't want to shit up the board anymore

e6b647 No.2346698

File: c9daa166f67f87a⋯.jpg (119.15 KB, 436x408, 109:102, Stringer2.jpg)

182eda No.2346733


What app did you create the image with? paint.net?

182eda No.2346781


Also, I can't decode that with f5.jar.

using "st" as the password gives me:


08c1a5 No.2346808


What I have thought too. They are LAYERED in their choice.. and most of us like nearly all just cruised through and blocked these.. fucking bastards.

23eddd No.2346899


I used GIMP to write the text onto an image I found online. I used Pixelknot from the Google Play store to create the test image (and wrote an embedded message).

7c73bd No.2346924


It only uses the last third of the password for that stegano layer. This is what you should be seeing. Pixel Knot adds an encryption layer that the f5.jar doesn't decode.

08c1a5 No.2346981


Pixelknot locked up for me too

I am thinking they fuckered over the app somehow, looking through the reviews, some say it works, others say it does not.. I am more than sure if the deep state players are using it, it is “legit”.. maybe a hiccup here or there.. phone ES to get it worked out..

I think we are still kinda at ground zero. I have been reading up on it, btw I have seen Stenography, Stegnography,.. and at least 1 other spelling for the same thing.. so damn weird.. just like the people’s names..

e6b647 No.2346987




Reads as (freedom)

v (for) SA (Saudi Arabia) US (USA) yes

DC (Device Confirmation) 08 (recipient 1 of 17)

C_EX (4 devices tested 2 days ago) y (yes) AW (Alice and Wonderland) Conf-go (is a confirmed go).

23eddd No.2347019


Did it lock up for my image (>>2346641), the image in the comment I replied to (>>2306905), or both?

e6b647 No.2347027


Dammit jim, good find.

Who would have thought!

More than we know.

Over and over again.


Sure enough though, There's that code!

7c73bd No.2347058


PixelKnot is a poorly written app. And with the way it's written if you give it a bad password it could try to decode up to 2GB of garbage before it checks to see if it's valid output. There is nothing suspicious about it not working right.

08c1a5 No.2347203


Yeah messages are going to be.. “i farted”..

I am sure there are messages with smoking guns in them.. but yeah.

e6b647 No.2347253




Looks like you guys are making headway!

Good hunting anons!

08c1a5 No.2347264


I have been trying ‘row of corn”, “single kayaker”, the original sarah pic isn’t big enough, it is like what 6k? WTF you fitting in that?

>>2347058. Well it sits at 0% now so.. as far as I am concerned this thing sucks donkey penis

d34037 No.2347536


Does YouTube use F5 stegnography in video poster images as a kind of watermark? One of the few images in Downloads folder detected is from a youtube video. I had to edit code and might have screwed up, it should have detected example images…

23eddd No.2347556


The original SS image is 70KB, but Pixelknot wasn't used on the image because JFIF is present (the image has a sha256 beginning in "5a7f006").

As mentioned in this comment, Pixelknot does not have "JFIF" at the beginning of its output files:


The image I created with Pixelknot does not have the JFIF at the beginning. The image on..


does however. Maybe a mistake, maybe a slide, I dunno.

7c73bd No.2347619


Here is the set of Q Research images that start with those 6 bytes (from since I starting backing up the breads a few months ago). 66 files, 9.1MB. I haven't checked when they were uploaded. The two SS pics were clearly created by anons recently.


I haven't tried 4chan/pol/. The archive doesn't save the original images.

2ba532 No.2347681


Nice anon, ty

08c1a5 No.2347705


What sucks is us who have Mac, I have an old broken screen android samsung whatever, and it is helpful, I erased and reinstalled the app, it actually got off zero but stalled out on 10%. For the corn I used the password “Field Agent” fuck if I know if it works..

I have pictues of the info off the files, having to do that cause it is about the easiest. I will post now.

I think the sarah pic was strickly Q talking to DS or letting us know what they do.. that thing was fucked anyway.. being chopped and all.. at 6k, is it compressed?

7c73bd No.2347731





There are other possible explanations why they could be without the usual headers.

2ba532 No.2347810


Roger that. Only one way to find out tho…

9c664b No.2347826




Thanks guys


Speaking of poorly written, is it possible that the developers made a mistake with the random seed generator? Using the same seed for each encryption.



>However, if you attempt to seed the following implementations before obtaining any output from the SecureRandom implementation, you will bypass the internal seeding mechanism of the SecureRandom implementation:







>This may be desirable in some situations; for example, if you need to generate the same outputs multiple times, you can seed your SecureRandom implementation with the same seed each time. However, when unpredictability is required, bypassing the internal seeding mechanism of the PRNG is not a good idea.

b856fa No.2347883

File: bf5dc9c8888d64d⋯.png (616.28 KB, 1098x578, 549:289, ClipboardImage.png)



Look, one of them is the photo from Q's post about!!!

08c1a5 No.2347923

File: 5e4f1e5398cdda4⋯.jpeg (2.48 MB, 4032x3024, 4:3, 1BA49697-433F-40B6-BA07-C….jpeg)

File: cfd7b6d91afc76c⋯.jpeg (2.44 MB, 4032x3024, 4:3, C8E132A3-685E-4CBA-BB02-A….jpeg)

File: ae7ebbe012d0d5f⋯.jpeg (2.58 MB, 4032x3024, 4:3, CDBB9D50-CE35-4A14-BF29-C….jpeg)

File: 8880a80383f948f⋯.jpeg (2.15 MB, 4032x3024, 4:3, 37F82B63-BE28-431B-A481-6….jpeg)

File: 8880a80383f948f⋯.jpeg (2.15 MB, 4032x3024, 4:3, 0AE499B3-6C99-444D-9B10-0….jpeg)


I haven’t been able to get PK to finish up. So does it totally change the filename?

Couple things to note, if you didn’t already know. The darker a pic, the littler the size because there is less data written to the pic, you can see relatively same size for the kayaker and the field pic, kayaker pic is larger, brighter and more there.. field pic not so muich.

Also the differences between the sarah pics, notice how after 4chan it was both changed in name and added “documents” to one.

7c73bd No.2347978

08c1a5 No.2347993


Size is bigger, one from 4chan.. so you need the original, not a copy of a copy because it isn’t the same picture at that point.

a7d73e No.2348153


Steganography includes the concealment of information within computer files. In digital steganography, electronic communications may include steganographic coding inside of a transport layer, such as a document file, image file, program or protocol. Media files are ideal for steganographic transmission because of their large size. For example, a sender might start with an innocuous image file and adjust the color of every hundredth pixel to correspond to a letter in the alphabet. The change is so subtle that someone who is not specifically looking for it is unlikely to notice the change.

Sooo.. What is the pattern/ formula you are using on the raw binary color-codes of mega-pixel graphics?

What is the pattern "adjustment" do you expect to find in the original color codes ?

ACSII text 8-bit replacement of 8-bit sections of color coding or something else?

That would presume you could detect edge boundaries on color-codes then compare to ASCII of appropriate segment of 8/15/24/32/48-bit color coding.

Or some other approach?

23eddd No.2348169


>Speaking of poorly written, is it possible that the developers made a mistake with the random seed generator? Using the same seed for each encryption.

There is no randomness for the seed. See method extractF5Seed(). The last 1/3 of the password string is used.


7c73bd No.2348214

File: 252ff478b5b8fff⋯.jpeg (31.57 KB, 450x450, 1:1, 252ff478b5b8fff4c1f21d2a2….jpeg)

File: 310f67a6d8347ca⋯.jpeg (88.53 KB, 1240x669, 1240:669, 310f67a6d8347ca66d1f9834c….jpeg)

I think the logical way to approach this is to pick one or two very spoopy images to bruteforce for short passwords. I'm not gonna launch month-long efforts without confirmation from On High that there is something to find. Pics related.

Q's people are smarter than to use PixelKnot of they are communicating with stegano. Only the badguys would be using it. So the question is.. would they do it here right under our noses or on 4chan away from us? I don't know the 4chan ecosystem well enough.

If the baddies are doing this then they are probably using one password or a system of passwords for everything. If we can crack one then it would be relatively easy to scan huge data sets with the same password.

But before we get carried away we should examine known PK images to any other distinguishing features that can be used to further reduce the search space.

7c73bd No.2348244


*for any other distinguishing

b856fa No.2348285

File: e09976bdd76156c⋯.jpg (110.41 KB, 640x640, 1:1, e09976bdd76156c8ff3b2e0699….jpg)


agreed, smaller images crack faster too - i get 245 pw/s on this one

…we're going to need new bread soon

e50963 No.2348377


JA drop

try pixelknot

b856fa No.2348439

File: 0dff8146309137d⋯.png (15.1 KB, 663x122, 663:122, ClipboardImage.png)


looks like pk names the file with a .jpg - wonder if we should focus on those…

7c73bd No.2348584


Just tested PK. It seems to keep whatever file name it was given, including extension, as input

b856fa No.2348672

File: ed22d1518d42d78⋯.png (16.74 KB, 607x149, 607:149, ClipboardImage.png)

File: bcff4015a4b544f⋯.png (24.56 KB, 445x375, 89:75, ClipboardImage.png)


almost all of them have start of frame header at the same spot, offset matches the size of the DQT in the source

7c73bd No.2349017

File: ea939813077ee3a⋯.png (554.36 KB, 1922x1079, 1922:1079, Screenshot from 2018-07-30….png)


There is a rather large amount of header info between images that is completely identical. This may be easier than I thought.

7c73bd No.2349117


And that shasum of the first 100 bytes turns up in about half of the suspect images posted above.

alec@LinuxMint18 ~/sandbox/suspectJPEGs $ for filename in $(ls -x); do head -c 100 $filename | shasum | sort ; done
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
4e4f9f3343ec6dc8a18e504199f94ae3a16f1930 -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
83b4365bc0019319cefb805b63f256c056899a04 -
2c5f4e2a4e7ec5227ce72216291bb59339cd6779 -
83b4365bc0019319cefb805b63f256c056899a04 -
4e4f9f3343ec6dc8a18e504199f94ae3a16f1930 -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
4e4f9f3343ec6dc8a18e504199f94ae3a16f1930 -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
aa05b3385043676fc62e8dc4a87b8012c5c7f1d4 -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
92a5cf0ead183258bd6184119e1a34dc832597dd -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
bee3287f79d35ab382750e8d3e3c7d88b9549a46 -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
eb1806eb4f8844e0f9f368a57cd7dde25999f67f -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
6728c784fd823976c21f0cf1ef499b1fd3d96c18 -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
bad252a36df757ff13dcd3fb2edb700f3f647164 -
cd61d1fb36dc7d732fa123eb92f4f5d87b017663 -
83b4365bc0019319cefb805b63f256c056899a04 -
c901d6a82cc6cdbde6045647294a92e60501c317 -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
352a738298546e72d3fac121536a313254b8fe7c -
58396cc7c6c8996e68db794660339e291e369707 -
83b4365bc0019319cefb805b63f256c056899a04 -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
2cd7066aa944bfba204ca606dd654448ce95d35e -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
2cd7f80e375376a6274f012bed6d49a49546690e -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
d6b48f4360d9ae3ee12744c932b3ece682669e90 -
fc4cf8b9ee6771fec14b502d8a2e4b508e9778c0 -
83b4365bc0019319cefb805b63f256c056899a04 -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
2cd7066aa944bfba204ca606dd654448ce95d35e -
c3a09c88024ea7079d128ccdf4469d622b4e96ef -
c2ebb5d2d7cf8ce51d94dcc3f80314143061d60d -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
4e4f9f3343ec6dc8a18e504199f94ae3a16f1930 -
c3a09c88024ea7079d128ccdf4469d622b4e96ef -
4e4f9f3343ec6dc8a18e504199f94ae3a16f1930 -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
5b4bcafab4c9fe7066b489f07ca243c6adfbfbc9 -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -
465215dd9c144d3b2cff93b17b6210b6dfe1c99f -

b856fa No.2349161

File: 6fc344db1638967⋯.jpg (11.81 KB, 400x243, 400:243, 6fc344db1638967fc546931b52….jpg)


smallest one with that header hash

b856fa No.2349214

File: a112348c860c74e⋯.png (197.63 KB, 422x395, 422:395, img00019761.png)


1000 password/second with this image, I can check all 1-3 letter combinations in 10 minutes, and all 4 letter combinations in 15 hours

23eddd No.2349272

File: 60c69f1bf966f99⋯.png (253.23 KB, 906x559, 906:559, files likely made by pixel….png)


Nice find!

I wrote a script to scan all files in a directory and compare them to see if they have this signature.


PN_HASH_DESIRED_OUTPUT="3f3078870bf5ddc7c4d0e6e5941805b7a062c45d -"

for filename in *.jp*; do

FILE_HEADER_SHASUM_OUTPUT=$(head -c 100 $filename | shasum)


echo "File $filename looks like it was made by Pixelknot."



7c73bd No.2349288


That is basically what I did.

b856fa No.2349359

File: 32d600f1738a93b⋯.png (13.83 KB, 515x129, 515:129, ClipboardImage.png)

let's see if AWS will lend me some cores

b856fa No.2350331

File: d70bd7ecf56b608⋯.png (271.03 KB, 789x730, 789:730, clintonhug-secret-message.PNG)


any way to get the post for one of these?

7c73bd No.2350360


A script to do that is running as I type this. Gimme a few minutes.

7c73bd No.2350592


I was already thinking about that. Many of these files were likely uploaded AFTER mentioned PixelKnot. There is no point in cracking files that were uploaded by anons as a joke. Q mentioned PK in bread #2896, which was post #2298164.


The images from before that are more interesting.


As you can see many were posted long before Q put the idea of stegano in anons' heads.

7c73bd No.2350621


Crap the one we are currently trying to crack was posted after.

But it looks like they suddenly stopped.

7c73bd No.2350705

File: a1677d3d755fabf⋯.jpg (16.1 KB, 640x360, 16:9, a1677d3d755fabf1c73b1786f5….jpg)

File: 68ccb4146da7406⋯.jpeg (17.54 KB, 321x323, 321:323, 68ccb4146da74068a0d8749ac….jpeg)

Oops. I scanned the wrong folder, the 6 byte set instead of the 100 byte set. Disregard the extraneous data.

Smallest pre-Q-PK are these two.

b856fa No.2350775

File: 15d3ea371aef0b2⋯.png (96.24 KB, 569x308, 569:308, ClipboardImage.png)



look at this

c532b8 No.2351060


This pixelknot thing is being overthunked, imho. it has to be simple:


7c73bd No.2351079


A suspiciously large number of this image set contains direct symbology.

That must be how (((they))) recognize which ones to examine.

And a large fraction of the images on QR are memes, baker-babes, shill infographics, side-by-side proofs, or clock faggotry. Yet none of that in in this set.

I think we're on the right track.

Here is a bundle of everything for the other anons.


a7d73e No.2351178

File: 0b97457603aa017⋯.png (463.58 KB, 680x328, 85:41, Cargo cult.png)


We are still working on the stego that will make this fly.

Trying out a new theory

a7d73e No.2351207


It is ,,, if you have the coding pattern.

If not, you are wasting you time.

That's why people use encryption methods that can't be compd

If a couple of mopes could figure it out, why would they bother?

b856fa No.2351300

File: 52140d5a827a977⋯.png (79.47 KB, 839x559, 839:559, eveileye.PNG)

File: 5744fa762443550⋯.png (157.21 KB, 966x579, 322:193, looks-intentional.PNG)

File: 72aa362210cf90e⋯.png (416.16 KB, 2438x760, 1219:380, clintonhug-post.PNG)

look at those file name



1 MT8T1L4CxKYxic6avNxIMg.jpeg




7c73bd No.2351325


Now those are some interdasting file names. Obvious question, have you already tried them?

08c1a5 No.2351351


Uh.. is that your name in the first bits.. ?? Alec@linuxmint18

ee8f98 No.2351362


One protip: The pseudorandom function will have the same seed for all those images. You could in theory speed up the search by caching the generated random values, same with individual image coefficients, moving the problem from O(m*n) to O(m+n) (where: m - number of images, n - number of passwords to check)

7c73bd No.2351432




Yeah. Now that we have multiple images to work with, which may have used different passwords, and any one hit would be meaningful… rejiggering the code to do that might be worthwhile.

a50e5b No.2351496

File: 7931cea9b844a3b⋯.png (51.87 KB, 548x326, 274:163, ClipboardImage.png)

File: 082f141f04a096f⋯.jpg (19.23 KB, 288x394, 144:197, Q4example.jpg)

made this thread, wasn't it the Q4example.png??? (pic2 related)

FFS why did THAT warrant deletion???

b856fa No.2351579

File: f39f5bb0d83a2fb⋯.png (161.73 KB, 416x495, 416:495, img00010260.png)


maybe if you cache results of F5random getNextByte for each pass, but the permutations are based on the coeff of the image so not sure if it'll help much


anon can you script up to get the posted filenames of each of the?

55ccd7 No.2351610


I managed to get Android Studio working on my mac well enough to build the PixelKnot application and deploy it into the emulator. My goal with this was to see if I could verify that different Android base versions lead to different results with PixelKnot. I believe we are running up against this issue with F5 PK images that we are trying to crack with F5 lib running on a linux host. It's pointless to try to BF crack these images if we cannot know for sure what we are trying to BF actually matches the source image.

7c73bd No.2351611


Working on it. But I have to get up early to go to work tomorrow. So I'll do that tomorrow night.

Although… I could bundle the original HTMLs in a ZIP. That won't take long.

7c73bd No.2351681






The very first thing I did was test it against images make with PixelKnot and a known password. It works. OpenJDK on Linux is close enough to Android.

55ccd7 No.2351751


Which base version of Android did you use? Also, out of curiosity how did you extract the PK image from the phone? Did you just e-mail it to yourself?

7c73bd No.2351802


Android 6.01

Emailed it to my self.

Extracted using method described here,



This only extracts the payload. I have not yet had a need to get the AES decryption working outside PK. Right now we are trying to get the last third of the password, which is used for the stegano layer.

7c73bd No.2351814

55ccd7 No.2351824


See what happens when you use Android 4.2 of 4.3 vs. Linux host.

7c73bd No.2351849


Probably won't work. Google changed their SecureRandom implementation around that time.

But no one has used 4.x in years. I don't think we need to worry about that.

55ccd7 No.2351895


I just wonder about burner phones, that are around 4.2 - 4.3. Also:

"The Android N operating system version will no longer use the Crypto provider and the SHA1PRNG algorithm, Google announced."

9c0e47 No.2351925


55ccd7 No.2351936


It just sucks we have all these potential different gotcha's is all. I think most celeb's use iPhone's as their primary device, which means they probably have a burner phone for other comms. I think HRC had an Android device if I remember correctly, I wonder what images are in JP wikileaks.

b69407 No.2353947

File: 315b7af35ea39de⋯.png (17.82 KB, 235x315, 47:63, fuckup.png)

File: c5e71b3c2a616ed⋯.png (64.13 KB, 783x252, 87:28, F8ch_f_selected.png)


Someone fucked up last night and clicked F+ instead of F*, or F.

I realize this fuckup comes at a really gay time, but there is no benefit to us to remove your sarah silverman picture.

This was an honest accident, I hope our future actions can prove our intentions.

997d89 No.2354148

In late 2017, JA dumped a cryptic signature on Twitter, which he subsequently took down. Has anyone tried this on anything?

b856fa No.2356070

File: 6cdd7e288ad4923⋯.png (8.63 KB, 550x80, 55:8, ClipboardImage.png)





anon posted a link to a c f5 steg cracker in c that is very fast but it doesn't work on example image

stick with f5.jar or PixelUnknot to crack

Android secure random? Android OS changed but the PixelKnot .apk jar uses sun's SecureRandom implementation no matter which OS it runs on

decode pixelknot images on any OS with using f5.jar

test with Q4example.jpg

look at the filenames and posts

find how the password transmitted

b856fa No.2356344

File: c0401282bc165b2⋯.jpg (87.91 KB, 447x411, 149:137, img702020.jpg)


thank you, here are the filenames


look at all these weird filenames.. there's something there

1002d04c080ad3a7ef4dfc57fea6e248e424f6b7489db59024a1ca0657123a68.jpeg 1_agrJgMO-s-RsbCy6Eepp8Q.jpeg

252ff478b5b8fff4c1f21d2a2fc1e7fb7fe63567f97c0d48f8015554c238f95f.jpeg 94ff5ed6-9581-4cd3-999b-4….jpeg)

419a76281780faaba70a562eadb3259afa20f110bde50d6b3a59611a1990c63e.jpeg 1_Wu-LPq1zKK-R5lsT67nRYA.jpeg

4a1c560bc205a1fc0c70971a71136688c8649335974d9098187de99a42a77dfb.jpeg 1*WkosvaZ2ARJ2hnmXFs02Ow.jpeg

5cafc8b7f9199b0de6df05deb6258103bd22bd9b9ea96ee7e962f2db87090d2c.jpeg 1VsuwyS2ZeBqADEscy6cmw.jpeg

68ccb4146da74068a0d8749ac6bd3dab249e1a6d947c8ee106ef5bfdc0c9cf6e.jpeg 1_xv-xqPhM_w3qdIatlg8L9A.jpeg

69c39d2ea71d4b16290a28c5e4b39a7604ff23ad140565f60a9e4829b668f8ff.jpeg 1-lRz-cOnX2WtHdqwo5BWf-Q.jpeg

6bd21101102aacbd67da60b0c9e8a4cbc9a48ef351d3ee3eae1cb07c699c6d1e.jpeg LJfMqGPBVw2PCM28YYQy_A.jpeg

9cb86a7438663bfb4b3d144e74eea17b202a6d7df9386bc6058d921446d6acff.jpg 0_xFDd1jWKzAU7BI6v.jpg

a1677d3d755fabf1c73b1786f5ac39f714c59cf72fc288029c166f9be119b7cf.jpg 0_PDlwBQSymrdu7_5D.jpg

c982c0559e47b8cb34e964b06738e790211da399aae6cc73e384efc164eb1da9.jpeg 1-AqvMU0oaVzL8UR-llP2k9g.jpeg

ca13d1dfa5616d6a52d6ecf050d42f4a6b3e2a8692f3713bec26186d09a35027.jpeg MT8T1L4CxKYxic6avNxIMg.jpeg

cd6baec96cde97e436667c8ba2ca3a1fcd999f2769470a07429afd8c9b21790d.jpeg 1_m2TxftKgufz3i_CvdybVJg.jpeg

e32140dca7b6a613fc23e47d7c7fb80ee953ae905328bff12a63afbade44cddc.jpeg 1_v3vvVO3DuvEB-osQDcIqlw.jpeg

e5393fba4fcca1dab2d66f98e520503ca942e3bf42bae78de2aa08c8576fa024.jpg 1-0V2r2vC9pJRhMu8E_i0B7A.jpg