Wednesday, April 5, 2023

HTB - Illumination

Initial Investigation & Solution

We can actually find the problem upon unzipping the challenge.

We see immediately that there is a .git folder along with what looks to be the log file!

Using git to read the log.

A token was removed as a security precaution, dig a little deeper and view the change.


There is the token! Looks to be base64 so simply decode and we have our flag!


THM - Windows Forensics 1

Scenario One of the Desktops in the research lab at Organization X is  suspected to have been accessed by someone unauthorized. Although the...