Forensics

I made a dd of Agent Smith usb key

The first thing we run is the command file on the file

file 86b265d37d1fc10b721a2accae04a60d
Linux rev 1.0 ext2 filesystem data (mounted or unclean), UUID=91c0fd20-bd3d-44e3-bfbb-1c18a9c0a20b

This gives you an idea on what type of file you’re dealing with.

A quick google search let’s you know that the file is an image of something that you could mount.

Another thing that is useful to run if the command strings

strings 86b265d37d1fc10b721a2accae04a60d | less

This pretty much gave us the answer that we were looking for. Line 7 contains what we were looking for.

The flag is : FLAG-ggmgk05096