How would one get specific data from a RAM memory dump?

In computer security class they gave us a memory dump of the state of a machine and we have to get information from a process. To be more precise, coordinates from Google Maps opened in a web browser.

I already found what process it is in (I searched through the dump and all the occurrences of google.com/maps were in one specific pid).

Now I need to extract the data. They suggested 2 tools to do so: foremost to get the data of a specific process and exiftool to get metadata from that file.

My issue is, I don't know how I would use foremost in this case. It usually works by giving it a file type and it gets that file type from an image. I don't know what type to specify to get a process' data (or how to use it any other way).

Second issue is, can I get Google Maps coordinates from the metadata? I've tried using exiftool with some other files and it basically tells you what type of file it is and a couple more things. I don't see how I can get coordinate data from that.

submitted by /u/EXUPLOOOOSION

from hacking: security in practice https://ift.tt/3pyk7ZM
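
An added example, not part of the original post: a Python sketch that scans one process's dumped memory for Google Maps URLs and parses the `@<lat>,<lng>,<zoom>z` viewport they carry, in both 8-bit and UTF-16LE form. It assumes the process memory has already been written to a file and that the URLs use that form; the function names and the sample buffer are constructed for illustration.

```python
import re

# Google Maps puts the viewport centre in the URL as "@<lat>,<lng>,<zoom>z".
URL_RE = re.compile(
    rb"google\.[a-z.]{2,6}/maps[\x21-\x7e]{0,300}?"
    rb"@(-?\d{1,2}\.\d+),(-?\d{1,3}\.\d+),(\d+(?:\.\d+)?)z"
)
# Strings may also sit in memory as UTF-16LE: printable byte, NUL, repeated.
WIDE_RUN_RE = re.compile(rb"(?:[\x21-\x7e]\x00){16,}")


def _hits(buf, base, step, encoding):
    """Yield (dump_offset, encoding, lat, lng, zoom) for each plausible URL."""
    for m in URL_RE.finditer(buf):
        lat, lng, zoom = (float(g) for g in m.groups())
        if -90 <= lat <= 90 and -180 <= lng <= 180:  # drop look-alike numbers
            yield (base + step * m.start(), encoding, lat, lng, zoom)


def find_map_coordinates(dump: bytes):
    """Scan one process's dumped memory for Google Maps coordinates."""
    found = list(_hits(dump, 0, 1, "ascii"))
    for run in WIDE_RUN_RE.finditer(dump):
        # Every second byte of a UTF-16LE run is the ASCII character.
        found.extend(_hits(run.group()[::2], run.start(), 2, "utf-16le"))
    return sorted(found)


# Constructed sample standing in for a process dump (not data from the post).
SAMPLE = (
    b"\x00\x13\xff" * 5
    + b"https://www.google.com/maps/@40.4167754,-3.7037902,15z\x00"
    + b"\x90" * 7
    + "https://www.google.com/maps/place/X/@48.8583701,2.2944813,17z/data=!3m1"
      .encode("utf-16le")
    + b"\x00\x00https://www.google.com/maps/search/cafe\x00"  # no coordinates
    + b"google.com/maps/@95.5,-3.7,15z"  # latitude out of range, rejected
)

if __name__ == "__main__":
    for hit in find_map_coordinates(SAMPLE):
        print(hit)
```

The reported offset points at the `google.` match inside the dump, so each hit can be checked against the surrounding bytes in a hex viewer.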
