Tuesday, February 2, 2010

Forensics Contest #3 - Answers

Ok, not going to do a writeup on this one. NetworkMiner was able to pull all the info out without much work. Thankfully it puts tcp packets back together and reconstructs the .xml files in question. Hopefully someone out there was able to come up with a new script to pull all the info they wanted, but it wasn't me, that is for sure!

My answers were:
1. 002500FE07C4
2. AppleTV/2.4
3. h, ha, hac, hack
4. Hackers
5. http://a227.v.phobos.apple.com/us/r1000/008/Video/62/bd/1b/mzm.plqacyqb..640x278.h264lc.d2.p.m4v
6. Sneakers
7. $9.99
8. iknowyourewatchingme

No comments: