Challenges: CTF collection Vol.1 (TryHackMe)

Jebitok

Welcome to the walkthrough of "TryHackMe Vol.1", a fun and beginner-friendly Capture The Flag (CTF) room created to test and improve your fundamental cybersecurity and problem-solving skills. This room consists of 20 short, easy challenges, each designed to expose you to various techniques like steganography, OSINT, encoding/decoding, metadata analysis, and more.

Whether you're just starting your CTF journey or brushing up on your skills, this room offers a great hands-on opportunity. All flags follow the format: THM{flag} unless stated otherwise.

Author note

Just another random CTF room created by me. Well, the main objective of the room is to test your CTF skills. For your information, vol.1 consists of 20 tasks and all the challenges are extremely easy. Stay calm and Capture the flag. :)

Note: All the challenges flag are formatted as THM{flag}, unless stated otherwise

Answer the questions below

High five!

What does the base said?

Can you decode the following?

VEhNe2p1NTdfZDNjMGQzXzdoM19iNDUzfQ==

Answer the questions below

  1. Feed me the flag!

    Decode the string with a Base64 decoder (base64decode).

Meta meta

Meta! meta! meta! meta...................................

Answer the questions below

  1. I'm hungry, I need the flag.

    exiftool Find_me_1577975566801.jpg

Mon, are we going to be okay?

Something is hiding. That's all you need to know.

Answer the questions below

  1. It is sad. Feed me the flag.

     docker run -it --rm -v ~/Downloads:/files ubuntu bash
     # Inside Docker:
     apt update
     apt install -y steghide
     cd /files
     steghide extract -sf yourfile.jpg
    

    It’s problematic to use Steghide on Mac, so I had to use Docker to access Ubuntu.

    steghide extract -sf image_name

Erm......Magick

Huh, where is the flag? THM{wh173_fl46}

Answer the questions below

  1. Did you find the flag?

QRrrrr

Such technology is quite reliable.

Answer the questions below

  1. More flag please!

    Scan the QR code.

Reverse it or read it?

Both works, it's all up to you.

Answer the questions below

  1. Found the flag?

    cat file_name

Another decoding stuff

Can you decode it?

3agrSy1CewF9v8ukcSkPSYm3oKUoByUpKG4L

Answer the questions below

  1. Oh, Oh, Did you get it?

    Decode it in CyberChef with Base58.

Left or right

Left, right, left, right... Rot 13 is too mainstream. Solve this

MAF{atbe_max_vtxltk}

Answer the questions below

  1. What did you get?

    Use CyberChef's ROT13 Brute Force operation.

Make a comment

No downloadable file, no ciphered or encoded text. Huh .......

Answer the questions below

  1. I'm hungry now... I need the flag

    Inspect the page's elements and look inside the div for this section.

Can you fix it?

I accidentally messed up with this PNG file. Can you help me fix it? Thanks, ^^

Answer the questions below

  1. What is the content?

    xxd spoil_1577979329740.png | head

    🛠️ Steps to fix:

    1. Install hexedit (if not already installed):

       sudo apt install hexedit

    2. Make a copy of the broken file and open the copy:

       cp spoil_1577979329740.png fixed.png
       hexedit fixed.png

    3. You'll see something like:

       00000000   23 33 44 5F 0D 0A 1A 0A   ... (ASCII: #3D_....)

    4. Navigate to the start and overwrite the first 8 bytes with the PNG signature:

       89 50 4E 47 0D 0A 1A 0A

       (In hexedit, just move with the arrow keys and type the new hex values; they overwrite the existing bytes.)

    5. Press Ctrl+X, then Y, then Enter to save and exit.

    6. Open the fixed.png file locally.
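
The same repair can be scripted. The Python below is an added example, not part of the original walkthrough: it restores the signature only when a 13-byte IHDR chunk follows it, then walks every chunk and checks its CRC to confirm nothing else is damaged. The function names and the 1x1 sample image are constructed for illustration.

```python
import struct
import zlib

PNG_SIGNATURE = bytes.fromhex("89504E470D0A1A0A")

def repair_png_signature(data: bytes) -> bytes:
    """Restore the 8-byte PNG signature, but only if the rest looks like a PNG."""
    if data[:8] == PNG_SIGNATURE:
        return data
    # A real PNG always continues with a 13-byte IHDR chunk. If that is missing,
    # the damage is not limited to the signature and overwriting it will not help.
    if len(data) < 16 or data[8:16] != b"\x00\x00\x00\x0dIHDR":
        raise ValueError("no IHDR chunk after the signature")
    return PNG_SIGNATURE + data[8:]

def chunk_types(data: bytes) -> list:
    """Walk the chunks after the signature, verify each CRC, return the chunk types."""
    pos, types = 8, []
    while pos < len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        body = data[pos + 8:pos + 8 + length]
        (crc,) = struct.unpack(">I", data[pos + 8 + length:pos + 12 + length])
        if zlib.crc32(ctype + body) != crc:
            raise ValueError(f"bad CRC in {ctype!r} chunk")
        types.append(ctype.decode("ascii"))
        pos += 12 + length
    return types

def make_chunk(ctype: bytes, body: bytes) -> bytes:
    """Build one PNG chunk: length, type, body, CRC over type + body."""
    crc = zlib.crc32(ctype + body)
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)

def sample_broken_png() -> bytes:
    """Constructed sample: a 1x1 grayscale PNG whose first four bytes are 23 33 44 5F."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    idat = zlib.compress(b"\x00\x00")  # filter byte + one black pixel
    png = (PNG_SIGNATURE + make_chunk(b"IHDR", ihdr)
           + make_chunk(b"IDAT", idat) + make_chunk(b"IEND", b""))
    return bytes.fromhex("2333445F") + png[4:]

if __name__ == "__main__":
    fixed = repair_png_signature(sample_broken_png())
    print(fixed[:8].hex(" "), chunk_types(fixed))
```

For the room's file, pass the bytes of spoil_1577979329740.png to `repair_png_signature` and write the result to fixed.png.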

Read it

Some hidden flag inside Tryhackme social account.

Answer the questions below

  1. Did you found the hidden flag?

    On Reddit, under r/tryhackme, search for "New room coming soon".

Spin my head

What is this?

++++++++++[>+>+++>+++++++>++++++++++<<<<-]>>>++++++++++++++.------------.+++++.>+++++++++++++++++++++++.<<++++++++++++++++++.>>-------------------.---------.++++++++++++++.++++++++++++.<++++++++++++++++++.+++++++++.<+++.+.>----.>++++.

Answer the questions below

  1. Can you decode it?

    Decode it as Brainfuck.
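
To see what an online Brainfuck decoder does with the program above, here is a small interpreter (an added example, not part of the original walkthrough; `run_brainfuck` and its step limit are my own choices). It pairs the brackets before running, so a malformed program fails early, and it caps the number of steps so a non-terminating program cannot hang the script.

```python
# The program from the challenge above.
PAGE_PROGRAM = "++++++++++[>+>+++>+++++++>++++++++++<<<<-]>>>++++++++++++++.------------.+++++.>+++++++++++++++++++++++.<<++++++++++++++++++.>>-------------------.---------.++++++++++++++.++++++++++++.<++++++++++++++++++.+++++++++.<+++.+.>----.>++++."

def run_brainfuck(program: str, stdin: bytes = b"", max_steps: int = 1_000_000) -> str:
    """Interpret a Brainfuck program and return what it prints."""
    # Match brackets up front so loops jump directly and bad input fails early.
    jumps, stack = {}, []
    for i, op in enumerate(program):
        if op == "[":
            stack.append(i)
        elif op == "]":
            if not stack:
                raise ValueError(f"unmatched ] at offset {i}")
            j = stack.pop()
            jumps[i], jumps[j] = j, i
    if stack:
        raise ValueError(f"unmatched [ at offset {stack[-1]}")

    tape, ptr, pc, out, inp = bytearray(30000), 0, 0, [], iter(stdin)
    for _ in range(max_steps):
        if pc >= len(program):
            return "".join(out)
        op = program[pc]
        if op == ">":
            ptr += 1
        elif op == "<":
            ptr -= 1
        elif op == "+":
            tape[ptr] = (tape[ptr] + 1) % 256
        elif op == "-":
            tape[ptr] = (tape[ptr] - 1) % 256
        elif op == ".":
            out.append(chr(tape[ptr]))
        elif op == ",":
            tape[ptr] = next(inp, 0)  # end of input reads as 0
        elif (op == "[" and tape[ptr] == 0) or (op == "]" and tape[ptr] != 0):
            pc = jumps[pc]
        if not 0 <= ptr < len(tape):
            raise IndexError("data pointer left the tape")
        pc += 1
    raise RuntimeError("step limit reached; program may not terminate")

if __name__ == "__main__":
    print(run_brainfuck(PAGE_PROGRAM))
```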

An exclusive!

Exclusive strings for everyone!

S1: 44585d6b2368737c65252166234f20626d
S2: 1010101010101010101010101010101010

Answer the questions below

  1. Did you crack it? Feed me now!

    Use an XOR calculator to compute S1 XOR S2, then decode the Base16 (hex) output with SimplyCalc.

Binary walk

Please exfiltrate my file :)

Answer the questions below

  1. Flag! Flag! Flag!

    using binwalk:

    binwalk -e --run-as=root hell_1578018688127.jpg

Darkness

There is something lurking in the dark.

Answer the questions below

  1. What does the flag said?

    Using StegSolve: I first had to install Java and stegsolve.jar, then ran the command java -jar Stegsolve.jar, which launched Stegsolve, where I uploaded the image; after a few scrolls the flag became visible.

A sounding QR

How good is your listening skill?

P/S: The flag formatted as THM{Listened Flag}, the flag should be in All CAPS

Answer the questions below

  1. What does the bot said? THM{SOUNDINGQR}

    Once I scanned the QR code, a URL for SoundCloud came up; I listened to the audio and found the flag.

Dig up the past

Sometimes we need a 'machine' to dig the past

Targeted website: https://www.embeddedhacker.com/
Targeted time: 2 January 2020

Answer the questions below

  1. Did you found my past?

    Visited the Wayback Machine, searched for the targeted website, selected the given date, and found the flag on the page.

Uncrackable!

Can you solve the following? By the way, I lost the key. Sorry >.<

MYKAHODTQ{RVG_YVGGK_FAL_WXF}

Flag format: TRYHACKME{FLAG IN ALL CAP}

Answer the questions below

  1. The deciphered text

    Used Decoder to decode the Vigenère cipher and found the flag.
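
Why a "lost" key does not protect this ciphertext, and why the shifted text in "Left or right" falls the same way: the flag format is known plaintext. The Python below is an added example, not part of the original walkthrough. It subtracts the known prefix from the ciphertext to get the key stream, reduces it to its shortest repeating period, and decrypts. The function names are mine, and it assumes braces and underscores do not consume key letters.

```python
import string

A = string.ascii_uppercase

def recover_key(ciphertext: str, crib: str) -> str:
    """Derive the repeating key from a known plaintext prefix (the flag format)."""
    if not crib or not crib.isalpha():
        raise ValueError("crib must be one or more letters")
    letters = [c for c in ciphertext.upper() if c in A]
    # key letter = ciphertext letter - plaintext letter (mod 26)
    stream = "".join(A[(A.index(c) - A.index(p)) % 26]
                     for c, p in zip(letters, crib.upper()))
    # The key repeats, so the key is the shortest period of the key stream.
    # A crib shorter than the key only reveals the first len(crib) key letters.
    for n in range(1, len(stream) + 1):
        if all(stream[i] == stream[i % n] for i in range(len(stream))):
            return stream[:n]
    return stream

def decrypt(ciphertext: str, key: str) -> str:
    """Vigenere decryption; non-letters pass through without using a key letter."""
    out, k = [], 0
    for ch in ciphertext:
        if ch.upper() in A:
            shift = A.index(key[k % len(key)])
            plain = A[(A.index(ch.upper()) - shift) % 26]
            out.append(plain if ch.isupper() else plain.lower())
            k += 1
        else:
            out.append(ch)
    return "".join(out)

if __name__ == "__main__":
    # Ciphertexts and flag prefixes as given in the two challenges.
    for text, crib in (("MAF{atbe_max_vtxltk}", "THM"),
                       ("MYKAHODTQ{RVG_YVGGK_FAL_WXF}", "TRYHACKME")):
        key = recover_key(text, crib)
        print(key, decrypt(text, key))
```

A one-letter key means the text is a plain Caesar shift, which is the "Left or right" case.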

Small bases

Decode the following text.

581695969015253365094191591547859387620042736036246486373595515576333693

Answer the questions below

  1. What is the flag?

    Use Rapid Tables to convert from decimal to hex, then from hex to ASCII.
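
Both "Another decoding stuff" (Base58) and this challenge (decimal) hide bytes the same way: the text is one very large number written in some base, and decoding means converting that number back to its big-endian bytes. The Python below is an added example, not part of the original walkthrough; the function names are mine, and it assumes the Bitcoin Base58 alphabet.

```python
# Bitcoin Base58 alphabet (assumed): no 0, O, I or l.
BASE58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

# Strings copied from the two challenges.
PAGE_BASE58 = "3agrSy1CewF9v8ukcSkPSYm3oKUoByUpKG4L"
PAGE_DECIMAL = "581695969015253365094191591547859387620042736036246486373595515576333693"

def int_to_bytes(n: int) -> bytes:
    """Big-endian bytes of a non-negative integer, with no leading zero bytes."""
    return n.to_bytes((n.bit_length() + 7) // 8, "big")

def base58_decode(text: str) -> bytes:
    """Decode Base58 text to bytes."""
    n = 0
    for ch in text:
        # str.index raises ValueError for a character outside the alphabet.
        n = n * 58 + BASE58.index(ch)
    # A leading '1' is the digit zero and adds nothing to the number,
    # so Base58 maps each one to an explicit 0x00 byte.
    pad = len(text) - len(text.lstrip("1"))
    return b"\x00" * pad + int_to_bytes(n)

def decimal_decode(text: str) -> bytes:
    """Decimal -> hex -> ASCII in one step: the number's bytes are the text."""
    return int_to_bytes(int(text))

if __name__ == "__main__":
    print(base58_decode(PAGE_BASE58).decode("ascii"))
    print(decimal_decode(PAGE_DECIMAL).decode("ascii"))
```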

Read the packet

I just hacked my neighbor's WiFi and try to capture some packet. He must be up to no good. Help me find it.

Answer the questions below

  1. Did you captured my neighbor's flag?

Final Thoughts:
"Vol.1" is an engaging and diverse CTF room that provides a gentle introduction to a wide range of security challenges. From image forensics and base encodings to QR code analysis, metadata inspection, steganography, the esoteric language Brainfuck, and classical ciphers like Vigenère, the room packs a lot into quick, satisfying puzzles.

Some challenges required creative tooling — like using Docker to install steghide or solving broken image headers with hex editors — while others leaned on intuitive platforms like CyberChef, Wayback Machine, or simply your browser’s Inspect Element. It’s a testament to the idea that CTFs aren’t just about code; they’re about curiosity, patience, and technique.

This walkthrough provides insight into the thought process behind solving each challenge — not just the answers. Keep exploring and remember: Every flag you capture adds to your arsenal for future rooms.

Happy Hacking 🕵️‍♂️🔐!
