hello everyone working on root now. i think i understand at what process i should looking, but i can’t find file k**4.d under usual location. Can somebody help me?
nvm, I was blind, found it. Now trying to do something with it
okay, I am stuck on it is where any way to copy files from heist machine to my kali and vise versa?
Did you able to root?, am stuck on same step got k**.d* but what next? reading article , it mentioned it required log**.j** to decrypt? Am i on the wrong path?
@Raven37 said:
hello everyone working on root now. i think i understand at what process i should looking, but i can’t find file k**4.d under usual location. Can somebody help me?
nvm, I was blind, found it. Now trying to do something with it
okay, I am stuck on it is where any way to copy files from heist machine to my kali and vise versa?
I have the k.d* file, but I’m stumped as to what to do next. I cant see a way to decrypt it with the info I have. I can’t see any info that stands out from the processes either. Is there a tool or ps cmd like pspy but for windows? Also there is no l*****.j**n file?
I am unable to find the exact next step. I have a stable shell and I am able to transfer files without any issues. I have looked at every process, like others suggested in this thread, but it looks like I am unable to find the exact one that will allow me to move forward.
Never been more lost at root before, but I must say it was an excellent learning experience for memory forensics → priv esc. Big thanks to @C3PJoe and @v0yager for the help
Hint for root:
Dump the process with the right tool and the right flags to get EVERYTHING you need but you won’t really need everything in the end