Using Volatility to Solve the Nuit du Hack 2011 Forensic Challenges
It appears that a couple of teams participating in the Nuit du Hack 2011 Capture the Flag have been leveraging The Volatility Framework. One team solved the Forensics 100 challenge by using Volatility 1.4_rc1 to extract the VNC server password from a sample of physical memory. They also used Volatility to solve the Forensic 300 challenge, where they leveraged MHL’s new netscan plugin.
Shoutz to alexmin for the Vol-loV: “I used volatility framework version 1.4_rc1. It’s a great tool for memory forensics.”
Another team used Volatility 1.3 to solve the Forensics 100 challenge by modifying the printkey plugin to extract the VNC password.
Shoutz to jiva!