Forensics
★★☆☆☆ Easy

Shell Game

100 XP 6 solves

Description

During a security incident, a memory dump was captured from a workstation suspected of running malicious scripts. Your task is to analyze the memory and find evidence of the attacker's commands.

Download: shell-game.7z (101 MB compressed)

Decompress:
7z x shell-game.7z

Memory Dump Information (after decompression):
Filename:  shell-game.elf
Size:      646 MB (677,273,236 bytes)
MD5:       4839260a813f8b89533138da84367f2f
SHA1:      2c36c03de2d1f23beed35b40bf9a216ec236de8a
SHA256:    5be3c72a5b88b831e40a1d3dab19e7a3065b57331f72a8f899cdfeea703caf8e

Compressed Archive Hashes:
Filename:  shell-game.7z
MD5:       0ea6b236d77ff7bc99a077dd6d6174c4
SHA1:      01d2d981add723516886b1c9bb1508c00a960165
SHA256:    58e895eeae7e28b6121e451df3e96268e2f3840c4e8823bdda94c21fea20f525

Verify integrity after download:
md5sum shell-game.7z
sha1sum shell-game.7z
sha256sum shell-game.7z

Tags: Forensics, Memory Analysis, Windows, PowerShell
