The Crime Blue Team Lab (CyberDefenders)
2026-6-16 06:52:3 Author: infosecwriteups.com

Scenario

We’re currently in the midst of a murder investigation, and we’ve obtained the victim’s phone as a key piece of evidence. After conducting interviews with witnesses and those in the victim’s inner circle, your objective is to meticulously analyze the information we’ve gathered and diligently trace the evidence to piece together the sequence of events leading up to the incident.

Tools:

Resources:

First, we need to download the ALEAPP tool and install its dependencies:

git clone https://github.com/abrignoni/ALEAPP.git
cd ALEAPP
sudo apt-get install python3-tk
python3 -m pip install -r requirements.txt

Use Browse Folder to select the input and output folders, then hit Process.

After that, just hit (open report & close), or open the (index.html) file from the output folder.

Now we can go through the CTF.

Q1: Based on the accounts of the witnesses and individuals close to the victim, it has become clear that the victim was interested in trading. This has led him to invest all of his money and acquire debt.

Can you identify which trading application the victim primarily used on his phone?

Select App Icons and scroll down.

Q2: According to the testimony of the victim’s best friend, he said, “While we were together, my friend got several calls he avoided. He said he owed the caller a lot of money but couldn’t repay now”.

How much does the victim owe this person?

Select SMS messages

Q3: What is the name of the person to whom the victim owes money?

Compare the phone number from (SMS messages) to (Contacts); the number ends with (7258).
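The same SMS-to-Contacts comparison can be scripted when there are many senders to check. This is an added example, not part of the original write-up or of ALEAPP: the two-table layout, names, numbers and the `suffix_len` parameter are constructed assumptions, not ALEAPP's report schema or data from the lab image.

```python
import re
import sqlite3

def digits(number):
    """Strip formatting so '+1 (555) 010-7258' and '5550107258' compare equal."""
    return re.sub(r"\D", "", number or "")

def match_senders(conn, suffix_len=7):
    """Map each SMS sender to the contacts sharing its last suffix_len digits."""
    contacts = [(name, digits(num)) for name, num in
                conn.execute("SELECT display_name, number FROM contacts")]
    result = {}
    for (address,) in conn.execute("SELECT DISTINCT address FROM sms ORDER BY address"):
        tail = digits(address)[-suffix_len:]
        if len(tail) < suffix_len:
            # Short codes and alphanumeric sender IDs cannot be matched to a contact.
            result[address] = []
            continue
        # More than one name here means the suffix is ambiguous: check by hand.
        result[address] = sorted({n for n, num in contacts if num.endswith(tail)})
    return result

def build_sample_db():
    """Constructed sample rows in a simplified stand-in schema (assumption)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE sms (address TEXT, body TEXT);
        CREATE TABLE contacts (display_name TEXT, number TEXT);
    """)
    conn.executemany("INSERT INTO sms VALUES (?, ?)", [
        ("+15550107258", "constructed message 1"),
        ("+15550107258", "constructed message 2"),
        ("+15550191234", "constructed message 3"),
        ("BANK-INFO", "constructed message 4"),
    ])
    conn.executemany("INSERT INTO contacts VALUES (?, ?)", [
        ("Contact A", "(555) 010-7258"),
        ("Contact B", "555-010-0001"),
    ])
    return conn

if __name__ == "__main__":
    for sender, names in match_senders(build_sample_db()).items():
        print(sender, "->", names or "no contact entry")
```

Matching on trailing digits rather than the full string handles the case where the SMS store keeps the number in international format while the contact entry was saved in a local format.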

Q4: Based on the statement from the victim’s family, they said that on September 20, 2023, he departed from his residence without informing anyone of his destination.

Where was the victim located at that moment?

Let’s look at the victim’s recent activity. Scroll down and you will find the victim’s location inside the Google Maps picture.

Gotcha

Q5: The detective continued his investigation by questioning the hotel lobby. She informed him that the victim had reserved the room for 10 days and had a flight scheduled thereafter. The investigator believes that the victim may have stored his ticket information on his phone.

Look for where the victim intended to travel.

Open the Discord Chats report.

We can find a conversation between the victim and another user (rob1ns0n).

We can see that the victim has scheduled his flight after the 10 days, from 20/09 to 01/10. Read the message carefully to answer this and the next question.

Q6: After examining the victim’s Discord conversations, we discovered he had arranged to meet a friend at a specific location. Can you determine where this meeting was supposed to occur?

You can check the message above to answer this question.

Thanks for your time.


Article source: https://infosecwriteups.com/the-crime-blue-team-lab-cyberdefenders-0aa36b6b4121?source=rss----7b722bfd1b8d---4