A collection of steganography digital forensics capture the flag challenges by Paul Hempshall.
Each zip file contains the challenge, README, LICENSE, HINT and ANSWER.
Download All in one zip file.
To The Moon
This person has been storing messages on the blockchain with Bitcoin, but we
can't even find their wallet address. All we found was a grumpy cat picture.
Find the wallet address to find the flag{}.
Bad Blockchain
This new botnet is using blockchain to store backup command-and-control server
IP addresses. We’ve extracted the Bitcoin address but it’s not using the
traditional OP_RETURN to hide the data. Can you find the IP address?
Hit a brick wall
The spare key is usually under the doormat, a plant pot, or a rock…
Turtles all the way down
Just an archive of happy turtle pictures.
Sequence
The director of this company believes 2 of his employees are sending secret
messages using some sort of mathematical code, but the messages seem to be
on-topic.
Intercepted
This email was intercepted from a compromised webserver. We believe criminals
were using it to send secret messages but the message body is vague and does
not use PGP encryption.
Hidden
Found in the system32 directory, this .dll file doesn’t do what it says.
Elliot’s secret stash
Free stuff is good, but you could be storing something sinister without your
consent.
Elliot’s secret stash is not available individually on GitHub - download directly from https://www.paulhempshall.com/blog/free-dfir-steganography-ctf-challenges/#section-audio or download all from the releases section
Free for personal and non-profit use with attribution.
Please respect the license contained within each challenge.