Académie de l'investigation - Premiers artéfacts

Description

To continue the analysis, you need to find:

The name of the processus with PID 1254.
The exact command that was executed on 2020-03-26 23:29:19 UTC.
The number of network connexions TCP and UDP established during the dump with unique Peer Address.

Note : The flag follows the format: FCSC{name_of_processus:a_command:n_connexions}.

This challenge has been split into seven parts:

Académie de l’investigation - C’est la rentrée.
Académie de l’investigation - Administration.
Académie de l’investigation - Premiers artéfacts.
Académie de l’investigation - Porte dérobée.
Académie de l’investigation - Rédaction.
Académie de l’investigation - Partage.
Académie de l’investigation - Dans les nuages.

Files

dmp.mem.tar.xz
155.40 MiB – a6b98f7b21cdc81ed319ff158bf4e56d885546fd1f98e860ef622066b0951fff

Author

alx

Flag

You don't have JavaScript actived. No problem! You can check your flag like this: echo -n 'PUT_THE_FLAG_HERE' | sha256sum # possible output: 092cf06ba52e877f96c90c37fcdad3cf52ee8c46f5c071024c9ceba229dcaa94

Writeups

I've been looking for a long time and I still can't find the flag!

You can vote for the solutions you prefer by using the on their respective pages.

Date	Author	Language	Tags	Vote
2024-05-04	lrstx	🇫🇷