Can anyone help me with this? I'm busy with a cyber challenge and working on challenge 5.
Story: Pjotr is communicating with somebody else who calls the shots, Pjotr is a hacker or something,
the challenge is about investigating a murder.
Now in challenge 5 ...
I got a memory dump (Linux), and I have to find
the name of a file (and within that file a username and password) which has been sent
by Pjotr. I found 1 mail where he's asking about the money after the file transfer 2 weeks ago.
I can't use Volatility, because I'm not sure which Linux rep it is.
I used bulk_extractor (in Kali Linux) and got some info (also a pcap): https://dl.dropboxusercontent.com/u/4378489/cyberchallenge/packets.pcap
But still no clue about the asked file.
Any1 can help? Tips how to read the raw mem.
NB, it's in Dutch :-)