Description

My grandfather had saved some sensitive information in a sepecific website. Can you find what's been hidden in the history of his default browser. That's the goal of this challenge. Memory Dump: Download Author: Raf²

• What volatility profile is the most appropriate for this machine? | Weight: +25
• What is the MD5 hash of the memory dump? | Weight: +25
• What is the hostname? | Weight: +25
• What is the PID of the Notepad process? | Weight: +25
• What is the PID of the Explorer process? | Weight: +25
• What is the parent process start time of notepad.exe? | Weight: +50
• What is the IP Address used by the machine? | Weight: +50
• What is the executable path for process ID 1164? | Weight: +75
• My Grandfather calls CMD, the Black Language, can you find the flag there? | Weight: +50
• My Grandfather is environmental, can you find the flag? | Weight: +75
• My Grandfather left something on the Desktop, can you find it? | Weight: +100
• My Grandfather copied his password, can you find it? | Weight: +100