https://izrid.github.io/tags/forensics/Recent content in Forensics on izridHugoen-usSat, 09 Mar 2024 00:00:00 +0000https://izrid.github.io/posts/nathan-on-osu/Sat, 09 Mar 2024 00:00:00 +0000https://izrid.github.io/posts/nathan-on-osu/Challenge Description: Here’s an old screenshot of chat logs between sahuang and Nathan on hollow’s Windows machine, but a crucial part of the conversation seems to be cropped out… Can you help to recover the flag from the future? Solving Process: We’re given a zip file that contains a cropped PNG image. Around March 2023, news circulated about the “aCropalypse” - an exploit in screenshot editing tool on the Google Pixel and later discovered to exist on Windows 10 and 11 ( CVE 2023-21036 and CVE 2023-28303 )https://izrid.github.io/posts/out-of-click/Sat, 09 Mar 2024 00:00:00 +0000https://izrid.github.io/posts/out-of-click/Challenge Description: I love playing this map but recently I noticed that some of the circles seem off. Can you help me find the locations of the weird circles? Solving Process: After downloading the provided ZIP file, it appears to contain a beatmap folder that can be used in osu! itself (I don’t play, so please excuse any incorrect terminology used), so I spent a lot of time messing around with the in-game editor in osu!https://izrid.github.io/posts/volatile-map/Sat, 09 Mar 2024 00:00:00 +0000https://izrid.github.io/posts/volatile-map/Challenge Description: Hey osu players, our SOC team was informed that a group of spies from Mai Corp is trying to sabotage our infrastructure via their secret map in osu!. We were able to break into their rendezvous, but they noticed we were stealing their data and they corrupted them in time. Fortunately, we managed to acquire a full memory dump from one of their machines. Can you help us investigate what they were trying to do?