21998286_cwx094_035.jpg

When encountering an image file in a CTF, the first step is to verify its integrity and metadata:

The server may only check if the filename ends in .jpg or .png using a regular expression that can be bypassed or contains logic flaws.

A web application allowing image uploads for user profiles.

In many "Easy Upload" scenarios, the server-side code (like userprofile.php) might use the include() function on an uploaded file.

Use the file command to ensure the header matches a JPEG (FF D8 FF).

Run exiftool to check for hidden strings or warnings like "Unknown bytes after JPEG segment," which often indicates appended data.

Use strings to look for readable text or base64-encoded strings within the binary data.
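The three checks above (JPEG header, bytes after the end of the image, readable PHP tags) combined into one triage function, as an added Python example that is not part of the original page. The function names are assumptions and the sample bytes are constructed.

```python
import re

PHP_TAG = re.compile(rb"<\?(?:php|=)", re.I)  # "<?=" is short and can false-positive in scan data

def jpeg_end(data: bytes) -> int:
    """Offset just past the EOI marker (FF D9), or -1 if the marker stream is malformed."""
    n = len(data)
    if data[:3] != b"\xff\xd8\xff":            # SOI plus the prefix of the first marker
        return -1
    i = 2
    while i + 2 <= n:
        if data[i] != 0xFF:
            return -1
        marker = data[i + 1]
        if marker == 0xFF:                      # fill byte before a marker
            i += 1
        elif marker == 0xD9:                    # EOI: the image ends here
            return i + 2
        elif marker == 0x01 or 0xD0 <= marker <= 0xD7:  # markers without a length field
            i += 2
        else:
            if i + 4 > n:
                return -1
            length = int.from_bytes(data[i + 2:i + 4], "big")
            if length < 2:
                return -1
            i += 2 + length
            if marker == 0xDA:                  # SOS: skip entropy-coded data, which
                while i + 2 <= n and not (      # may hold FF 00 stuffing and RST markers
                        data[i] == 0xFF and data[i + 1] not in (0x00, 0xFF)
                        and not 0xD0 <= data[i + 1] <= 0xD7):
                    i += 1
    return -1

def triage(data: bytes) -> dict:
    end = jpeg_end(data)
    return {"jpeg_magic": data[:3] == b"\xff\xd8\xff",
            "well_formed": end >= 0,
            "trailing_bytes": len(data) - end if end >= 0 else 0,
            "php_tag_offsets": [m.start() for m in PHP_TAG.finditer(data)]}

# Constructed sample: a structurally valid marker stream, not a renderable image.
CLEAN = (b"\xff\xd8" + b"\xff\xe0\x00\x10JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
         + b"\xff\xda\x00\x08\x01\x01\x00\x00\x3f\x00" + b"\x12\x34\xff\x00\x56" + b"\xff\xd9")
APPENDED = CLEAN + b"<?php /* constructed inert marker */ ?>"

if __name__ == "__main__":
    for name, blob in (("clean", CLEAN), ("appended", APPENDED)):
        print(name, triage(blob))
```

Trailing bytes are a reason to look closer, not proof of tampering, since some cameras and editors legitimately append data after the EOI marker.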

To exploit this, you can embed a PHP "one-liner" into the image's metadata or at the end of the file:
