CHIqueen

OtterCTF 2018 Silly Rick

Silly rick always forgets his email's password, so he uses a Stored Password Services online to store his password. He always copy and paste the password so he will not get it wrong. whats rick's email password? 이메일 비밀번호를 복사해서 붙여 넣는다고 합니다. 그러면 클립보드에 저장되어 있을테니 클립보드를 떼봅시다. $ vol.py -f OtterCTF.vmem --profile=Win7SP1x64 clipboard Volatility Foundation Volatility Framework 2.6 Session WindowStation ..
포렌식/CTF 2018. 12. 14. 14:33
OtterCTF 2018 Name Game

We know that the account was logged in to a channel called Lunar-3. what is the account name? format: CTF{flag} Lunar-3채널에 접속해 있는 게임 계정의 이름을 묻고 있습니다. vol.py -f OtterCTF.vmem --profile=Win7SP1x64 memdump -p 708 -D ./ $ strings 708.dmp | grep Lunar-3 -A 3 -B 3 // 위로 3줄 아래로 3줄 추가 출력 c+Yt tb+Y4c+Y b+YLc+Y Lunar-3 Lunar-4 L(dNVxdNV L|eNV -- disabled mouseOver keyFocused Lunar-3 0tt3r8r33z3 Sound/UI.i..
포렌식/CTF 2018. 12. 14. 14:29
OtterCTF 2018 Play Time

Rick just loves to play some good old videogames. can you tell which game is he playing? whats the IP address of the server? format: CTF{flag} 게임 이름과 게임 서버의 ip를 알아내시면 됩니다. vol.py -f OtterCTF.vmem --profile=Win7SP1x64 netscan 0x7d6124d0 TCPv4 192.168.202.131:49530 77.102.199.102:7575 CLOSED 708 LunarMS.exe CTF{LunarMS}, CTF{77.102.199.102}
포렌식/CTF 2018. 12. 14. 14:20
Prev 1 ··· 20 21 22 23 24 25 26 ··· 29 Next