Reminiscent

Ok, I admit I need help. I've been poking at Reminiscent off and on for some days now. I'm new at this, so even discovering Volatility existed was part of the fun. I looked at this walkthrough (someone posted it on this forum) https://samsclass.info/121/proj/p4-Volatility.htm and that helped. I've dumped piles of info, and it's pretty obvious what process I'm meant to care about. But I'm clearly missing some important concept--probably very basic--for finding the flag. Basically all I know how to do is get binary dumps and look for strings, and the flag doesn't just drop out with that approach. Do I need to learn how to read process memory? Should I be using some tool more sophisticated than xxd to analyze the various binary dumps Volatility gives me? Should I be realizing that something in the dumps is pointing me to a particular memory address?

Comments

  • edited April 20

    Type your comment> @ouizbajr said:

    Ok, I admit I need help. I've been poking at Reminiscent off and on for some days now. I'm new at this, so even discovering Volatility existed was part of the fun. I looked at this walkthrough (someone posted it on this forum) https://samsclass.info/121/proj/p4-Volatility.htm and that helped. I've dumped piles of info, and it's pretty obvious what process I'm meant to care about. But I'm clearly missing some important concept--probably very basic--for finding the flag. Basically all I know how to do is get binary dumps and look for strings, and the flag doesn't just drop out with that approach. Do I need to learn how to read process memory? Should I be using some tool more sophisticated than xxd to analyze the various binary dumps Volatility gives me? Should I be realizing that something in the dumps is pointing me to a particular memory address?

    I decided to do this challenge because of this post (Sounded interesting) and it's pretty easy...
    U r actually in the right direction :)
    PM for hints if u still need them :+1:

    cyberus17l

  • Thanks, Cyberus, for taking the time to help me out there. I did need the assist.

  • Anytime :)

    cyberus17l

  • @cyberus
    hi man would you help me out a little
    i got to the part where i encoded the base64 string from parent file
    but i can not make anything out of that
    i think its written in C# and i tried to brake it up in multiple lines but still i don't get it what i am looking for

Sign In to comment.