Tags: elf volatility forensics rekall 

Rating: 1.0

  • Hi everybody. The first step in any forensics challenge is checking the file using file, strings, hexdump or xxd to get some information about the file.
    This is a memory dump, so we can investigate it using Volatility or any memory forensics framework.
    I've found a solution using the Volatility framework.

Original writeup (https://github.com/MrMugiwara/WriteupsCTF/tree/master/Google-CTF-2016/For1).
r00ta, May 4, 2016, 11:56 a.m.

Very very nice write up: it's funny that your parameters in gimp are equal to mine in my write up (https://github.com/r00ta/myWriteUps/blob/master/GoogleCTF/for1/README.md). Is it just a coincidence?