KIISC Digital Forensics Challenge 2021 - DogeCoin's WriteUp
KIISC Digital Forensics Challenge 2021: the write-up of the winning team
🏆 Challenge Overview
Hosted by the Korean Institute of Information Security and Cryptology (KIISC), the Digital Forensics Challenge 2021 (DFC 2021) aims to expand our knowledge of digital forensics and to contribute to this field. Now in its fourth year, it plays a significant role in developing new technologies and training forensic experts such as researchers and graduate students in the field of information security. Last year alone, a total of 765 people from 500 teams participated, with 327 Korean and 173 international teams.
⛳️ Description
This challenge consists of 24 problems worth 100, 200, 300, 400, or 500 points. 4~5 problems will be released on the 1st of each month, and the deadline for submission is the last day of the month. There is no limit on the number of submissions within the due date, but there is a disadvantage when submitting after the due date.

QUALIFICATION
– Anyone interested in Digital Forensics.
– Participants can register individually or as a team.
– The maximum number of team members is six.

PARTICIPATION
– Participants can use any tool (no limitation).
– You can write the answer sheet in English or Korean.
– Sharing answers or code is not permitted.
🎉 Result
This is the final score and ranking of the top 5 teams. To check the scores of more teams, access the rank page.
Rank | Name | Final Score | Nation |
---|---|---|---|
🥇 | DogeCoin | 5520 | Korea (South) |
🥈 | K2YPLZ | 5138 | Korea (South) |
🥉 | InfoWarrior404 | 5114 | Korea (South) |
4 | HM | 4978 | Korea (South) |
5 | K-Forensics | 3908 | Korea (South) |
⚔️ WriteUp
We do not provide the source code or image files used in the challenge, only the write-ups.
🐥 100-points problems
Problems that can be solved using known theories and tools.
No | Problems | Keyword | Score | Main Author |
---|---|---|---|---|
101 | Shellcode Analysis | Assembly, Reversing | 100 | Dongbin Oh |
102 | Find all graphics | Parsing, Graphics | 100 | Donghyun Kim (ZIGBANG) |
103 | Malware Downloader | Malware, Download | 100 | Yeongwoong Kim |
104 | System reconfiguration | Docker, Memory, Dataleak | 100 | Yeongwoong Kim |
151 | Malicious Service | Malware, Registry | 0 | All |
🦩 200-points problems
Problems that can be solved by analyzing more than 2 artifacts.
No | Problems | Keyword | Score | Main Author |
---|---|---|---|---|
201 | Shredder Testing | Delete, Shredder, Testing | 200 | Dongbin Oh |
202 | Where have you been | Wearable, Finding | 200 | Dongbin Oh |
203 | Find suspicious USB & documents | USB, Document | 190 | Donghyun Kim (Korea Military Academy) |
204 | Slack Off | Mobile, Game | 200 | Donghyun Kim (ZIGBANG) |
205 | Diagnosis | Telemetry, SQLite | 200 | Yeongwoong Kim |
206 | Secret message | Steganography | 170 | Donghyun Kim (Korea Military Academy) |
207 | Living | Living, ADS | 200 | Donghyun Kim (Korea Military Academy) |
208 | iOS Fridump | iOS, Fridump3 | 200 | Dongbin Oh |
🦉 300-points problems
Problems requiring analysis know-how, as known tools may be time-consuming or inaccurate.
No | Problems | Keyword | Score | Main Author |
---|---|---|---|---|
301 | What is the secret information | Android, Screenlock | 300 | Dongbin Oh |
302 | User Behavior Analysis | Windows, Artifacts | 220 | Donghyun Kim (Korea Military Academy) |
303 | How was it leaked? | Investigation, DataBreach | 300 | Donghyun Kim (ZIGBANG) |
304 | Find a confidential file | Partition, Decryption | 300 | Donghyun Kim (Korea Military Academy) |
305 | Crack the app | Android, 2-FactorAuth | 300 | Dongbin Oh |
306 | Event Logs | Eventlogs | 225 | Donghyun Kim (Korea Military Academy) |
307 | Bitcoin wallet | Cryptocurrency, Wallet | 240 | All |
308 | Find Forged Record | Forged, Media_meta | 275 | Donghyun Kim (ZIGBANG) |
🐉 400-points problems
Problems requiring the development of a forensic tool.
No | Problems | Keyword | Score | Main Author |
---|---|---|---|---|
401 | Irresponsible predecessor | FileSystem, Decryption | 400 | Dongbin Oh |
🚀 500-points problems
The solutions to these problems are not published.
No | Problems | Keyword | Score | Main Author |
---|---|---|---|---|
501 | VolaVola | Malware, Memory, Plugin | 500 | All |
502 | M1 Ransom | Reversing, Programming | 500 | Donghyun Kim (ZIGBANG) |
📝 Author
If you want to contact us, please email us at this address.

🎙 Challenge Organizer

🎭 Challenge Sponsor

📌 License
This license lets others remix, adapt, and build upon your work non-commercially, as long as they credit you and license their new creations under the identical terms.