hello
So i have take on this challenge. even thou i have no experience doing forensics, but hey i am here to learn after all.
(ill try 2 keep this as spoiler free as i can)
i am stuck at the point where i have decoded the b64 string
and i cant make anything out of what i am looking at … i suspect once i figure out what i am looking for in it i will find the flag in the child file
if i am on the wrong path please let me know
and give me a tip
Thanks to everyone in advance
Same here… not have idea what next. Can someone help?
Type your comment> @S4K4L04 said:
hello
So i have take on this challenge. even thou i have no experience doing forensics, but hey i am here to learn after all.
(ill try 2 keep this as spoiler free as i can)
i am stuck at the point where i have decoded the b64 string
and i cant make anything out of what i am looking at … i suspect once i figure out what i am looking for in it i will find the flag in the child file
if i am on the wrong path please let me know
and give me a tip
Thanks to everyone in advance
There is a ‘dumpfiles’ function in volatility.
Finally have it. If anyone needs help, PM me and I’ll lead you in the right direction.
Awesome challenge. Easier than I was making it lol.