Learning Objectives After completing this task, you will learn about:
- Procedures for collecting digital evidence
- The challenges with modern smartphones
- Using Autopsy Digital Forensics with an actual Android image
Power up the machine and open Autopsy from the desktop.
In Autopsy open the case McGreedy.aut
After it loads the case:
Open up Images sort it by Thumbnail
QUESTIONS
1.One of the photos contains a flag. What is it?
ANSWER
THM{DIGITAL_FORENSICS}
- What name does Tracy use to save Detective Frost-eau’s phone number?
ANSWER
Detective Carrot-Nose
Open up Images:
- One SMS exchanged with Van Sprinkles contains a password. What is it?
ANSWER
chee7AQu
open up messages:
Submit Information chat bot evidence:
Then purple snow:
Submit Forum Post:
Select JingleHax
Submit evidence Dropped Usb:
Select mcgreedysecretc2.thm
Submit Malware Sample
Select stash.mcgreedy.thm
Submit C2 server credentials:
Select mcgreedy
Submit Forensic image MCgreedy's Phone:
Select van Sprinkles
Finally the flag:
flag
THM{YouMeddlingKids}
just fill the survey form
flag
THM{SurveyComplete_and_HolidaysSaved}