Warm Up
What Southern state’s sports team did Rocco search up? (STATE ONLY) In Axiom > Web Related > Chrome Keyword Search Terms, “ragin cajuns football roster” is on the list. In America, we consider football a sport. (We also consider soccer a sport, but use the proper names.) Google “ragin cajuns”, and discover they’re from…
Magnet Forensics Virtual CTF 2024 – Cipher Challenges
Why did the bicycle fall over? It was tired of all the ROTation!
rfgq ayl lmr zc rfgq qgknjc
Starting out simple with clear & obvious clues. That capital ROT leads to ROT13. To solve this one, head over to CyberChef and bake up a recipe using ROT13. Set Rotate Numbers amount to 2 and voilà……
Magnet Forensics Virtual CTF (May 2023) – It’s a wrap!
I happily finished 17th in this CTF. It would have been 13th, but I missed submitting my last flag by seconds. Honest. Links to all 3 parts of my write-up. (Write-ups are hard work!)
Part 1 – https://dfir101.wordpress.com/2023/05/12/magnet-forensics-virtual-ctf-may-2023-android-challenges-walkthrough-1/
Part 2 – https://dfir101.wordpress.com/2023/05/16/magnet-forensics-virtual-ctf-may-2023-android-challenges-walkthrough-2/
Part 3 – https://dfir101.wordpress.com/2023/05/19/magnet-forensics-virtual-ctf-may-2023-android-challenges-walkthrough-3-3/
Walkthroughs from others:
Kevin Pagano – https://www.stark4n6.com/p/ctf-write-ups.html
Matthew Plascencia – https://github.com/tapatiohaxx/Magnet-CTF-2023-Wrteup-and-Resources
BlueMonkey4n6 – https://www.youtube.com/watch?v=KtdQyuhAZAs&t
Looking forward to…
Magnet Forensics Virtual CTF (May 2023) – Android Challenges Walkthrough (3/3)
Here’s the final handful of challenges I completed. I found another CTF write-up here > https://github.com/tapatiohaxx/Magnet-CTF-2023-Wrteup-and-Resources
Challenge: How many is too many…
Another one solved by wandering around inside AXIOM. Documents > PDFs > “banana_splitl_(1).pdf” looks interesting. Aaaaaaand it is…. 5 people listed with PII
Challenge: Italian Beast!
Again, I remembered seeing an image of tigers or…
Magnet Forensics Virtual CTF (May 2023) – Android Challenges Walkthrough (2/?)
Challenge: One email isn’t enough…
This one was a bit tricky. I didn’t find any gmail.com accounts. There were two accounts found by AXIOM (Refined Results > User Accounts). Without out limited attempts to the challenge, I first guessed “tlouis@kurvalis.com”. This was wrong. Checking out the domain tells me that kurvalis.com is managed by Google. (And…
Magnet Forensics Virtual CTF (May 2023) – Android Challenges Walkthrough (1/?)
Time to tackle the Android challenges from the Magnet CTF. Magnet Forensics provides a trial of AXIOM for use with the CTF. Device images are released a few days ahead of the CTF start date so we can start churning away at collecting info. Several of these kicked my butt. Kevin Pagano has a complete write…
Magnet Forensics Virtual CTF (May 2023) – Cipher Challenges Walkthrough
This past weekend, Magnet Forensics hosted another DFIR CTF. These are always fun since the challenges are more “real world” to me. There were two portions to the CTF. Let’s tackle the Cipher Challenges first! Let’s see how well I did.
Tools used:
– dCode – http://dcode.fr/en
– CyberChef – https://gchq.github.io/CyberChef/
– Notepad++ – https://notepad-plus-plus.org/
– Base64Decoder – https://www.base64decode.org/
…