[OTTERCTF][Memory Forensics] 2

Notice

« 2024/07 »
일	월	화	수	목	금	토
	1	2	3	4	5	6
7	8	9	10	11	12	13
14	15	16	17	18	19	20
21	22	23	24	25	26	27
28	29	30	31

Tags more

Archives

Today

Total

관리 메뉴

Hack4S3cur1ty

[OTTERCTF][Memory Forensics] 2 - General Info 본문

CTFs/2018

[OTTERCTF][Memory Forensics] 2 - General Info

h4ck4s3cur1ty 2018. 12. 16. 05:11

volatility의 envars와 netscan 명령어로 정답을 찾을 수 있다.

1
2
3
4
5
6
7
8
>vol.py -f OtterCTF.vmem --profile=Win7SP1x64 envars | findstr COMPUTERNAME
Volatility Foundation Volatility Framework 2.6
396 wininit.exe          0x00000000002abae0 COMPUTERNAME                   WIN-LO6FAF3DTFE
 
>vol.py -f OtterCTF.vmem --profile=Win7SP1x64 netscan
Volatility Foundation Volatility Framework 2.6
Offset(P)          Proto    Local Address                  Foreign Address      State            Pid      Owner          Created
0x7d62b3f0         UDPv4    192.168.202.131:6771           *:*                                   2836     BitTorrent.exe 2018-08-04 19:27:22 UTC+0000
cs

저작자표시

'CTFs > 2018' 카테고리의 다른 글

[OTTERCTF][Memory Forensics] 4 - Name Game (0)	2018.12.16
[OTTERCTF][Memory Forensics] 3 - Play Time (0)	2018.12.16
[OTTERCTF][Memory Forensics] 1 - What the password? (0)	2018.12.16
[Seccon Beginners 2018][Pwn] condition (0)	2018.05.28
[Seccon Beginners 2018][MISC] てけいさんえくすとりーむず (0)	2018.05.28

'CTFs/2018' Related Articles

Comments

Hack4S3cur1ty

[OTTERCTF][Memory Forensics] 2 - General Info 본문

[OTTERCTF][Memory Forensics] 2 - General Info

'CTFs > 2018' 카테고리의 다른 글

티스토리툴바