Difference between revisions of "Sombra ARG"

From Game Detectives Wiki
Jump to: navigation, search
[unchecked revision][unchecked revision]
m
m
Line 113: Line 113:
 
[http://imgur.com/a/FQXmy Album of full screencaps]
 
[http://imgur.com/a/FQXmy Album of full screencaps]
  
==== Temporary resources ====
+
= Temporary resources =
 +
 
 
(This content will be deleted after we've solved the riddles. It serves currently as a repo of tools for the Discord community)
 
(This content will be deleted after we've solved the riddles. It serves currently as a repo of tools for the Discord community)
 
----
 
----

Revision as of 01:06, 3 August 2016

Sombra ARG
Active since 06-12-2016
Overwatch logo.jpg
The Sombra ARG - an ARG involving an unreleased Overwatch hero.
Type [[List_of_Investigations#Official|Official]]
Creator Blizzard
Discovered 06-12-2016

Prelude

The Sombra ARG is an ARG involving Overwatch, a game made by Blizzard. Sombra is the name of an unreleased Overwatch hero that has been hinted at by Blizzard as being an upcoming playable character. Clues and ciphers referencing Sombra were found in various developer updates and short animations released by Blizzard, and this ARG is comprised of those clues.

Ana Origin Video

On July 12, 2016, a video for a new Overwatch hero named Ana was released. By pausing the video at the 2:11 time mark, a bunch of hexadecimal numbers were discovered:

Ana Hex.png

65 76 2E 2E 2E 7B 76 20 66 62 72 20 63 7E 72 79 72 20 7B 76
20 7E 79 71 78 65 7A 76 74 7E D4 A4 79 2C 20 63 7E 72 79 72
20 72 7B 20 67 78 73 72 65 2E 2E 2E 7B 76 20 66 62 72 20 63
7E 72 79 72 20 7B 76 20 7E 79 71 78 65 7A 76 74 7E 04 A4 79
2C 20 63 7E 72 79 72 20 72 7B 20 67 78 73 72 65 2E 2E 2E 7B
76 20 66 62 72 20 63 7E 72 79 72 20 7B 76 20 7E 79 71 78 65
7A 76 74 7E 04 A4 79 2C 20 63 7E 72 79 72 20 72 7B 20 67 78
73 72 65 2E 2E 2E 7B 76 20 66 62 72 20 63 7E 72 79 72 20 7B
76 20 7E 79 71 78 65 7A 76 74 7E 04 A4 79 2C 20 63 7E 72 79
72  20  72  7B   20   67   78   73   72   65   2E   2E   2E

From Hex to ASCII this decoded to:

ev...
{v fbr c~ryr {v ~yqxezvt~Ô¤y, c~ryr r{ gxsre...
{v fbr c~ryr {v ~yqxezvt~Ô¤y, c~ryr r{ gxsre...
{v fbr c~ryr {v ~yqxezvt~Ô¤y, c~ryr r{ gxsre...
{v fbr c~ryr {v ~yqxezvt~Ô¤y, c~ryr r{ gxsre...

When passed through an XOR Cipher with constant 23, this returned:

ra...
la que tiene la información; tiene el poder...
la que tiene la información; tiene el poder...
la que tiene la información; tiene el poder...
la que tiene la información; tiene el poder...

In Spanish, this means

Whoever has the information; has the power...

A second frame of hexadecimal numbers was discovered at the 1:16 time mark of the video:

Ana Hex2.png

When put through the same process, the same string was discovered, but at the end, the letters SOMB appeared. The two were combined to create SOMBRA, the name of an unreleased hero that has been hinted at by Blizzard in the past. This led us to believe that this ARG had to do with Sombra, and the ARG was named accordingly.

Dev Update Video

The vertical barcodes found at the end of the Ana Dev Update video

At the end of this video, a series of vertical barcodes were discovered. The barcodes were solved to be binary, a dump of which is available here, credit of redditor /u/zapu.

Discord user Crauss turned the ones and zeroes into black and white pixels, which formed a QR code:

Sombra QR code.png

Scanning this QR code yielded the following message:

Estuvo eso facilito? Ahora que tengo su atencion, dejenme se las pongo mas dificil

And translated from Sombra's native language of Spanish into English:

Was that easy? Well, now that I have your attenion, allow me to make things much more difficult

Summer Games

Summer Games Video

The base64 cipher in the Summer Games video

On August 2, another cipher was discovered in this video - this time, the ciphertext was in base64:

U2FsdGVkX1+vupppZksvRf5pq5g5XjFRlipRkwB0K1Y96Qsv2L
m+31cmzaAILwytX/z66ZVWEQM/ccf1g+9m5Ubu1+sit+A9cenD
xxqklaxbm4cMeh2oKhqlHhdaBKOi6XX2XDWpa6+P5o9MQw==

Decrypting the above yielded the following string:

Salted__ifK/Ei9^1Q*Qt+V= /عW'͠/ _V?qfF"=q[ z * Zu\5kLC
(Note: copy/pasting this string will not work; some of the characters will not paste properly)

The "Salted__" header at the start of the string indicates that the rest of the string is another code, which is "salted". Salting is a way of obfuscating a cipher by adding additional characters that are not part of the cipher. The header also indicates that the remainder of the text is encoded in OpenSSL, which requires a key.

Directions & Letters

There are references to directions that are present in the North American version of the video. These references are conspicuously absent from other versions of the trailer. These references are shown below, with the relevant heroes and timestamps:

Album of full screencaps

Temporary resources

(This content will be deleted after we've solved the riddles. It serves currently as a repo of tools for the Discord community)


https://github.com/glv2/bruteforce-salted-openssl

http://axxim.net/ow/gol-guesser/

https://docs.google.com/forms/d/e/1FAIpQLSffsP2WlNE9ypugLmH6uIqXxvRQHZunhyPNScwjNDoLAV2kKg/viewform?c=0&w=1