Did I miss anything when checking for passwords? [migrated]
- by Keltari
There's a bit of a story to this, so bear with me...
I am looking for a new job and came across a posting for a computer forensics position. Its not really my field, but I thought I would apply anyway, just for fun. To make a longer story shorter, they want you to uncover as many passwords as you can find. I downloaded an image and dd'd it to a thumbdrive. The only thing visible was a text file, which contained a password.
I knew there had to be more, so I used an undelete utility and found 2 deleted files. First there was another text file with a password - easy. The other was a .pst file which I mounted into outlook. There were some emails with passwords, as well as an email with an image. Another email has a link to a stegenography site.
Obviously, there was a file hidden in the image, so I went to the website and downloaded the stegenography decoder. I had to try some of the passwords I had found to get the file to decrypt, and sure enough, there was another text file with a password. I called it a day at that point.
Did I miss any other methods?