Description

This challenge is of medium difficulty. You have identified a malicious script that was executed before the computer shut down. A copy of the disk was made, and your task is to investigate the disk to understand the “extent of the damage” caused by the script.

URL: Mega.nz Download Link

Fingerprint (SHA256): eb135b3db3efe64220753c2b6495cc30bd51a1fa0268d1b7074323c91e872492

Format: HERO{flag} Author: Mallon

Continue reading [HeroCTF 2024] [Forensics 316 – LazySysAdmin #2] Write Up →