Wargame 🎮/🌞 SuNiNaTaS

[SuNiNaTaS] 30번 문제

2022. 6. 20. 03:42

[SuNiNaTaS] 30번 문제

상단으로

plugin	설명
timeliner.Timeliner	Runs all relevant plugins that provide time related information and orders the results by time.
windows.bigpools.BigPools	List big page pools.
windows.cmdline.CmdLine	Lists process command line arguments.
windows.dlllist.DllList	Lists the loaded modules in a particular windows memory image.
windows.driverirp.DriverIrp	List IRPs for drivers in a particular windows memory image.
windows.driverscan.DriverScan	Scans for drivers present in a particular windows memory image.
windows.dumpfiles.DumpFiles	Dumps cached file contents from Windows memory samples.
windows.envars.Envars	Display process environment variables windows.filescan.FileScan Scans for file objects present in a particular windows memory image.
windows.getservicesids.GetServiceSIDs	Lists process token sids.
windows.getsids.GetSIDs	Print the SIDs owning each process
windows.handles.Handles	Lists process open handles. windows.info.Info Show OS & kernel details of the memory sample being analyzed.
windows.malfind.Malfind	Lists process memory ranges that potentially contain injected code.
windows.memmap.Memmap	Prints the memory map windows.modscan.ModScan Scans for modules present in a particular windows memory image.
windows.modules.Modules	Lists the loaded kernel modules.
windows.mutantscan.MutantScan	Scans for mutexes present in a particular windows memory image.
windows.netscan.NetScan	Scans for network objects present in a particular windows memory image.
windows.poolscanner.PoolScanner	A generic pool scanner plugin.
windows.privileges.Privs	Lists process token privileges windows.pslist.PsList Lists the processes present in a particular windows memory image.
windows.psscan.PsScan	Scans for processes present in a particular windows memory image.
windows.pstree.PsTree	Plugin for listing processes in a tree based on their parent process ID.
windows.registry.certificates.Certificates	Lists the certificates in the registry's Certificate Store.
windows.registry.hivelist.HiveList	Lists the registry hives present in a particular memory image.
windows.registry.hivescan.HiveScan	Scans for registry hives present in a particular windows memory image.
windows.registry.printkey.PrintKey	Lists the registry keys under a hive or specific key value.
windows.registry.userassist.UserAssist	Print userassist registry keys and information.
windows.ssdt.SSDT	Lists the system call table.
windows.statistics.Statistics	windows.strings.Strings Reads output from the strings command and indicates which process(es) each string belongs to.
windows.symlinkscan.SymlinkScan	Scans for links present in a particular windows memory image.
windows.vadinfo.VadInfo	Lists process memory ranges.
windows.virtmap.VirtMap	Lists virtual mapped sections.

30번 문제

티스토리툴바