Uncategorized

1. winpmem-21.post4.exe -o -output.aff4 2. winpmem-2.1.post4.exe output.aff4 –export PhysicalMemory -o memory.img 2.1 rekal -f memory.img hives 3. Rekal -f \\.\pmem 4. pslist   1. Output: Reading 0x3f7338000 16243MiB / 16255MiB 52MiB/s Adding C:\Windows\SysNative\drivers\1394ohci.sys as file:///C:/Windows/SysNative/drivers/1394ohci.sys Adding C:\Windows\SysNative\drivers\3ware.sys as file:///C:/Windows/SysNative/drivers/3ware.sys Adding

AOL Instant Messenger (TM).rsr AOL Instant Messenger.rsr Favorites.rvc Internet Explorer.rsr NTUser – Files set to Run on Startup.rsr NTUser – Internet Account Manager.rsr NTUser – Internet Explorer.rsr NTUser – LastVisited and OpenSave MRU.rsr NTUser – Media Player MRUs.rsr NTUser –

Instruction on Installing SIFT3 -Download Ubuntu 14.04 Desktop ubuntu-14.04.5-desktop-amd64.iso http://releases.ubuntu.com/14.04/SHA256SUMS -Check SHA256 f5ce20686a2f3201f04a309d04171ee15757f00954b33b87f3f1d36b3b0f5356 *ubuntu-14.04.5-desktop-amd64.iso PS C:\download> certutil.exe -hashfile .\ubuntu-14.04.5-desktop-amd64.iso sha256 SHA256 hash of file .\ubuntu-14.04.5-desktop-amd64.iso: f5ce20686a2f3201f04a309d04171ee15757f00954b33b87f3f1d36b3b0f5356 -Install in Oracle VM Virtualbox -sudo apt-get update -wget –quiet -O – https://raw.github.com/sans-dfir/sift-bootstrap/master/bootstrap.sh |

Hold down the Windows key, and type R. Type: “shell:startup” Click OK. Put shortcut to program to be start up automatically.

Build in Powershell certutil -hashfile 1.txt sha256 >1.txt.sha2 MD2 MD4 MD5 SHA1 SHA256 SHA384 SHA512   Output (1.txt.sha2) SHA256 hash of file 1.txt: a665a45920422f9d417e4867efdc4fb8a04a1f3fff1fa07e998e86f7f7a27ae3 CertUtil: -hashfile command completed successfully.

c:\share Oracle VM Share Folder: Treansient Folders wd c:\share insert guest addition cd image sudo apt-get update sudo apt-get install virtualbox-guest-dkms cd /home/metal/share/ sha1sum metalsploit-latest-linux-x64-installer.run > metalsploit-latest-linux-x64-installer.sha1 sha1sum -c metalsploit-latest-linux-x64-installer.sha1 or sha1sum -c s.sha1 gedit error “could not save file”

Lazada Malaysia is currently the largest online shopping portal in Malaysia. Zalora Malaysia is specialized in clothes, shoes and accessories. Some of the interesting features are: Free Standard Shipping Wide Range Of Assortments Buyer Protection Top Deals Everyday Southeast Asia’s leading e-commerce

This is a Lazada Microsoft Wise Pad W7 Blogger Contest, organized by Lazada Malaysia, one of the largest online shopping portals in Malaysia, Involve Asia and ShopCoupons. The contest starts on 21st June 2016 and ends on 11th July 2016.