Log-Forensics [Defcamp Quals 2023]
We know for sure that an attacker attempted to dump the user’s passwords on the targeted system. Using your favourite text editor or Terminal commands please help us find answers to the following questions.
Intuition & Solution
We basically just used
vim to go through logs and terminal
command hystory to find most of the answers. Some of the answer we could figure
out just by searching on the internet.