forensicskween

HackTheBox: Insider

A potential insider threat has been reported, and we need to find out what they accessed. Can you help?

Information

Challenge: Insider

Category: Forensics

Difficulty: Easy

Files : Insider.zip 8.3 MB
– Mozilla 40 MB

Environment: Remnux VM

My Recommendations

Download and Verify the archive

Download it from hackthebox and verify it with:

sha256sum /path/to/Insider.zip

SHA256SUM: 7dbdd9ddf6c7f33f4d5af69faeb43763b3ba9cf4b3c54fcbcac4074e9d6bc882

Walkthrough

1. Browser Analysis

When dealing with Browser Forensics, I like to use the tools I know work first before moving on to more manual/hands-on work. In this case, I used firefox_decrypt on the 2542z9mo.default-release profile and got the flag right away:

				
					firefox_decrypt.py Mozilla/Firefox/Profiles/2542z9mo.default-release/

Flag: HTB{ur_8RoW53R_H157Ory}

TLDR

– This challenge is honestly ver east. All you need is to use firefox_decrypt to decrypt the firefox credentials.

forensicskween

HackTheBox: Insider

Information

My Recommendations

Walkthrough

1. Browser Analysis

Flag: HTB{ur_8RoW53R_H157Ory}

TLDR

Recent Posts

CyberDefenders: NintendoHunt

CyberDefenders: Hafinum-APT

PwnMe Quals 2023: Crypto

Follow Us

Featured Video

Guide

forensicskween

Leave a ReplyCancel reply

••• You Might Also Enjoy

Protected: HackTheBox: Twisted Entanglement

Protected: HackTheBox: oBfsC4t10n

CyberDefenders: HoneyBOT

HackTheBox: signup

Resources

Pages

HackTheBox: Insider

Information

My Recommendations

Walkthrough

1. Browser Analysis

Flag: HTB{ur_8RoW53R_H157Ory}

TLDR

Recent Posts

Follow Us

Featured Video

Guide

forensicskween

Leave a ReplyCancel reply

••• You Might Also Enjoy

Resources

Pages

Discover more from forensicskween