포렌식/CTF
OtterCTF 2018 What the password?
CHIqueen
2018. 12. 14. 14:11
you got a sample of rick's PC's memory. can you get his user password? format: CTF{...}
메모리에서 비밀번호를 얻어내면 됩니다.
1. vol.py -f OtterCTF.vmem --profile=Win7SP1x64 mimikatz
2. rekall -f OtterCTF.vmem mimikatz
CTF{MortyIsReallyAnOtter}