Find out 'how' data was fetched

Solves Objective: Figure how the data fetched remotely and what was called to get it to fetch the resource

What is this task?

This task just asks you to explain how the data for the binary integrity system was checked.

Answer

This is pretty easy to solve- but basically, the binary integrity system used a website called pastebin to store production hashes of the original binary and used curl to fetch this information. We can confirm that this was curl and this was a system command being executed by using ProcMon and filtering for command API calls.

Found and discovered in - File location of the hash

PreviousHashing Algorithm Investigation NextBypass Binary Integrity

Last updated 1 year ago