HackTheBox Pursue the Tracks Challenge

https://app.hackthebox.com/challenges/676

Description

Luxx, leader of The Phreaks, immerses himself in the depths of his computer, tirelessly pursuing the secrets of a file he obtained accessing an opposing faction member’s workstation. With unwavering determination, he scours through data, putting together fragments of information trying to take some advantage on other factions. To get the flag, you need to answer the questions from the docker instance.

Solutions

mft2csv z.mft

Set the output path and analyze the resulting CSV file.

Files are related to two years, which are those? (for example: 1993,1995)

2023,2024

There are some documents, which is the name of the first file written? (for example: randomname.pdf)

Final_Annual_Report.xlsx

Which file was deleted? (for example: randomname.pdf)

Marketing_Plan.xlsx

How many of them have been set in Hidden mode? (for example: 43)

1

Which is the filename of the important TXT file that was created? (for example: randomname.txt)

credentials.txt

A file was also copied, which is the new filename? (for example: randomname.pdf)

Financial_Statement_draft.xlsx

Which file was modified after creation? (for example: randomname.pdf)

Project_Proposal.pdf

What is the name of the file located at record number 45? (for example: randomname.pdf)

Annual_Report.xlsx

What is the size of the file located at record number 40? (for example: 1337)

57344

Summary

Pursue the Tracks: isolate the relevant artifact, decode the evidence, and extract the flag.