Monthly Archives: July 2015
[Cybercamp 2015] [Reverse 3] Write Up
Description:
We have been sent a file to reconstruct. We know the following about the file:
It is part of a compressed file whose header of exactly 10 bytes has been lost.
It is known to contain an ASCII text file.
The header has no optional fields.
The second byte of the lost header is 0x8B.
The file was generated on a UNIX machine.
[Cybercamp 2015] [Web 11 – Convert to uppercase] Write Up
Description
Title : Convert to uppercase
[Cybercamp 2015] [Forense 4.1] Write Up
Description
There was an intrusion for some time, and malicious programs appear to have been downloaded to this computer in order to carry out a DDoS from this PC.
Question: In which directory is the downloaded program?
[Cybercamp 2015] [Forense 2.5] Write Up
Description
Mr. García's company has been robbed of 74,300€ from his bank account. The theft was committed without the knowledge of Mr. García or the people in charge of IT.
Some of the money has been recovered thanks to the bank's speed in blocking the target account, but Mr. García is determined to know how this unfortunate incident occurred, as he had invested in training security technicians and in purchasing a perimeter antivirus solution for workstations.
After the incident, we were asked to do a forensic analysis of the machine, but unfortunately these devices have been handled incorrectly and have no value for our review. Fortunately, the system administrator, before the network failure (we do not know if it was caused by the incident), got a file with network traffic from the same day as the theft from the bank accounts.
Question: What SHA256 hash does the downloaded program have?
Answer format: SHA256 of SHA256 hash