After Karen started working for 'TAAUSAI,' she began to do some illegal activities inside the company. 'TAAUSAI' hired you to kick off an investigation on this case.
You acquired a disk image and found that Karen uses Linux OS on her machine. Analyze the disk image of Karen's computer and answer the provided questions.
What distribution of Linux is being used on this machine?
What is the MD5 hash of the apache access.log?
It is believed that a credential dumping tool was downloaded? What is the file name of the download?
There was a super-secret file created. What is the absolute path?
What program used didyouthinkwedmakeiteasy.jpg during execution?
What is the third goal from the checklist Karen created?
How many times was apache run?
It is believed this machine was used to attack another. What file proves this?
Within the Documents file path, it is believed that Karen was taunting a fellow computer expert through a bash script. Who was Karen taunting?
A user su'd to root at 11:26 multiple times. Who was it?
Based on the bash history, what is the current working directory?