CTF Competitions Write-ups GitBook About

Contents

S.H.E.L.L. CTF - Challenges

 included in write-ups
   215 words   2 minutes 
/shell/logo.png
SHELL CTF Forensic Challenges

1. Cold Compress


/shell/cold1.png

Not much going on in this one. Download the image file you’re given and run binwalk against it to extract the embedded executable. I pulled the file up in Ghidra to see that all it does is print out the flag.

/shell/cold2.png

/shell/cold3.png

2. Grass Is Green


/shell/grass1.png

This one is simple as well. Open the image in an editing program such as GIMP and raise the brightness until you can see the flag.

/shell/grass2.png

3. Hidden Inside 1, 2 and 3


/shell/hidden1.png


I forgot to screen shot the challenge info for all the Hidden challenges but they’re all basically the same. The file is just modified for each challenge.

For Hidden 1 change the extension to .png to view the file. You can just run zsteg against it to find the flag.

/shell/hidden12.png


Hidden 2 is also a png file with the wrong extension. You can run zteg again but this time it finds a hidden png file within the image. 
1

zsteg -E b1,g,lsb,xy hidden2.png > file.png

/shell/hidden21.png


/shell/hidden22.png


Hidden 3 is an a jpeg file which we can utilize JPEG Hide and Seek on to extract the hidden file. There was a hint on the challenge that gave the year a program was created which made finding the JPHS program easier to find.

/shell/hidden31.png


/shell/hidden32.png

Updated on 2021-06-10
 stegozsteg
Back | Home