mercredi 12 juin 2019, 10:46 #2
Forensic(Find me again)
there was this place where you found the password for decrypting the gpg and getting the crypted zip.
in the same place you see what the son did after that.
and i have to admit it was hard to understand, but it was about nano and understanding what files he edited
maybe you find a matching directory structure somewhere...
(also my hints are crypting it should help you 🙂
dimanche 26 septembre 2021, 16:02 #3
Forensic(Find me again)
Hi !
I extracted the txt file from the memory dump but it’s full of \x00. Do you have any hint on how to decode it in order to bypass the zip file ?
Thanks