Open in app

Sign In

Write

Sign In

JR
JR

1 Follower

Home

About

Dec 21, 2020

Magnet Weekly CTF — Week 11

This week was rather quick, but a slight departure from your standard memory forensics questions. I rather liked that and it gave me the chance to discover a new tool I’d never used before. Question 1 Question: What is the IPv4 address that myaccount.google.com resolves to? Hmm, I’d used all the network-related…

Memory Forensics

2 min read

Magnet Weekly CTF — Week 11
Magnet Weekly CTF — Week 11
Memory Forensics

2 min read


Dec 14, 2020

Magnet Weekly CTF — Week 10

I remember thinking last week that they hit a lot of the common memory analysis tasks with Volatility so I was thinking “I hope they give us a challenge on the next one”. Question 1 The questions started off rather easy, asking about a connection to a Google server. …

Memory Forensics

5 min read

Magnet Weekly CTF — Week 10
Magnet Weekly CTF — Week 10
Memory Forensics

5 min read


Dec 7, 2020

Magnet Weekly CTF — Week 9

Well, this was a rather lengthy one, so we’ll just get started. This month the CTF is focused on a Windows Memory image. Part 1 Question: The user had a conversation with themselves about changing their password. What was the password they were contemplating changing too. I found this one in a…

Memory Forensics

5 min read

Magnet Weekly CTF — Week 9
Magnet Weekly CTF — Week 9
Memory Forensics

5 min read


Nov 30, 2020

Magnet Weekly CTF — Week 8

This week was more centered around Incident Response, which isn’t normally in my wheelhouse, so I Was excited to maybe learn a few tricks. Part 1 The first part of the question was asking what package was installed by the attacker. Considering some of the previous questions, I immediately went to a…

Linux

2 min read

Magnet Weekly CTF — Week 8
Magnet Weekly CTF — Week 8
Linux

2 min read


Nov 23, 2020

Magnet Weekly CTF — Week 7

OK, this week was short and sweet, more of a scavenger hunt style. A much needed break from the last couple weeks which have been pretty rough. Part 1 Question: What is the IP address of the HDFS primary node? I went looking around the typical Linux places, but remembered we were…

Digital Forensics

2 min read

Magnet Weekly CTF — Week 7
Magnet Weekly CTF — Week 7
Digital Forensics

2 min read


Nov 16, 2020

Magnet Weekly CTF — Week 6

This weeks challenge was a two parter. It looks like most people were able to get the first part right, but the second part seemed to stump quite a few folks. I did have a lot of trouble with the second part, but not nearly as much as last week’s…

Hadoop

4 min read

Magnet Weekly CTF — Week 6
Magnet Weekly CTF — Week 6
Hadoop

4 min read


Nov 9, 2020

Magnet Weekly CTF — Week 5

Ok, well this week I knew was going to be rough, but I didn’t know I was going to need this much luck. This week’s question was a bit “off the beaten path” in terms of forensics, the question was to find the file name associated with a block ID…

Forensics

4 min read

Magnet Weekly CTF — Week 5
Magnet Weekly CTF — Week 5
Forensics

4 min read


Nov 2, 2020

Magnet Weekly CTF — Week 4

This week’s task was to find a GUID related to “phishing”. Now, because I had done the CTF put on by Magnet this summer in-lieu of their in-person Summit, I had a hunch on where to begin. So I immediately went to the Evernote application folder “/data/com.evernote/files/” and found the…

Forensics

2 min read

Magnet Weekly CTF — Week 4
Magnet Weekly CTF — Week 4
Forensics

2 min read


Oct 28, 2020

Magnet Weekly CTF — Week 3

Trying my hand at this blogging thing. I’ve enjoyed the weekly CTFs that Magnet has been putting on. I found this week pretty interesting and I don’t think I would have figured it out had it not been for the hint dropped in the weekly webcast. Cargo Hold The question asked “Which…

Forensics

3 min read

Magnet Weekly CTF — Week 3
Magnet Weekly CTF — Week 3
Forensics

3 min read

JR

JR

1 Follower

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech