JerseyCTF 2022 / forensics – recent-memory
recent-memory Points: 250 Use the memory image in the Google drive link below. An attacker left behind some evidence in the network connections. Follow the attacker’s tracks to find the flag. https://drive.google.com/drive/folders/1ubSx3pwHOSZ9oCShHBPToVdHjTev7hXL Solving Okay let’s analyze the memory file, I will use volitality3 for this. With this command we can get all net sessions stored in the memory. python vol.py