Recent content by kern

  1. K

    Retrieving Deleted E-mail from Outlook

    Hi ew, if you expect to take any disciplinary/legal action with this incident, get a CF Pro in right at the start; someone who is keyed up on employee rights too. If you try and DIY it could leave you wide open to prosecution and severe financial penalty if you peak, or act on info gleaned...
  2. K

    Program to brute force an encrypted file

    Following on ddows comment, i'm wondering if the OP has been deliberately vague, initially, to gain some response, as also seen in other fora. Anyone else think this is tending towards " |-|4><0r " to bypass program protection? Admin ?
  3. K

    Internships/Work placements in the UK

    Hi bennett Do the Careers Dept there have any Directories / contacts you can use? why not google for data recovery and forensic companies and start writing. iirc, the only "no no" to self application was that you didn't pee on the Careers Dept feet, by applying to employers that they already...
  4. K

    WiFi WPA-PSK Rainbow Tables availible...

    20 chars ? I've witnessed network admin's and webmasters using a 3 char pass before now. 8O
  5. K

    Password Crack??

    ok i'll concede that. You are of course correct . ..... maybe i should have added "feasibly" or something. ... Even just eight bits of salt (and Linux uses much more than that) would require nine terabytes of rainbow table..... sorry,. kneejerk reaction to people throwing rainbow at...
  6. K

    Password Crack??

    Just a quickie. Maybe worth specifying the OS too for "Windows" user passwords maybe Rainbow tables cannot crack salted (*nix style) passwords. JTR can. but Yes, FTK is good, and Ophcrack, should you want alternatives for Windows OS. Kern
  7. K

    Program to brute force an encrypted file

    hi kolgrim The best shot you have, unless you know and/or care about the subject of password cracking, or have resources the FBI/CIA are jealous of, is to put your trust in the programs suggested in both forums. They usually "best guess" what sort of file it is, if you have no other info. An...
  8. K

    Retreiving chat from harddisk

    Hi Prakash, A few more details might get a better response from the rest of the community, but in general, it would depend on what chat programs were used, and if logging was turned on or a cache stored. Kern
  9. K

    Software to find source of an email?

    dilsh99 in short : Yes. but found source doesn't always guarantee found sender. Kern
  10. K

    How to create a word dictionary from a floppy, cd or HD?

    Never mentioned this as the guy was sorted out already, but for others looking for OSS solution, try a look at "Wyd" on the strings will spit out lots of garbage without suitable qualification. Kern
  11. K

    Sony Memory Stick: Any way to tell when a file was deleted?

    Hi Zed One way forward may be to reconstruct the scenario to find out how the mobile phone operates when files are created/altered/deleted.? Don't forget that any time discovered would generally be dependent upon the device clock setting itself, and not real world time. Kern
  12. K

    MIRC - Hacked? Any way to tell?

    Logs should be in the logs directory. maybe logging was disabled, or they may have been deleted. Other things to check maybe scripts.ini or anything else at all in the mirc subdirectories, and maybe any metadata associated with files downloaded. You could try a clean download of mirc and see...
  13. K

    MIRC - Hacked? Any way to tell?

    Zed It would only take the owner to add in a 3rd party 'helper' script, or initially accept a DCC send and essentially he could have relinquished control. There are many trojans, worms et al in irc. All to often an unsuspecting user accepts them or initiates them by typing something that...
  14. K

    Computer Forensic college assignment

    Hi Dragnet Two good 'real world' ones from Complete. Another possible is how to deal with consequence of encrypted filesystems. Surveillance & Live analysis may be ways forward rather than the "turn up, pull the plug and take it to the lab" approach. Kern
  15. K

    Evidence Star.lnk

    hi Statecop, Evidence eraser - yes Evidence eliminator - yes Evidence Star - no , never seen that one. did you find any other associated detail ? Kern

About us

  • Our community began in 2004. Since this time, we have grown to have over 29,000+ members within the DFIR & Cyber Security community.

    We are happy to announce that this forum is now under new ownership with the goal to once again become the main Digital Forensics Forum on the internet for DFIR, OSINT and Cyber Security.

    If you can think of ways to help us improve, please let us know.

    We pride ourselves on offering unbiased, critical discussion among people of all different backgrounds.

    We are working every day to make sure our community is one of the best.

Quick Navigation

User Menu