Top Ad unit 728 × 90

Latest News

random

Daily Blog #670: Solution Saturday 4/11/20



Hello Reader,
           This weeks winner is a repeat champion who this week brought in an entry so strong I think it scared away all the other contestants! This weeks challenge asked you to test a new but in my opinion unproven execution artifact and boy did the winner deliver. From understanding how the artifact works to what the limitations are Maxim Suhanov knocked this weeks challenge out of the park!

Tune in tomorrow for your chance at another win and look below to see Maxim's winning post.



Question: 
We've all heard of the BAM key by now, located in SYSTEM\\services\bam, but what are the limitations? Answer the following questions:1. What types of programs are not logged in BAM?2. Are there any paths excluded from BAM?3. What can cause a program to no longer be listed in the BAM key?4. When does the BAM get updated?5. What can update the BAM timestamp?

The Winning Answer:
Maxim Suhanov posted his winning entry on his blog which you can read here:
https://dfir.ru/2020/04/08/bam-internals/
Daily Blog #670: Solution Saturday 4/11/20 Reviewed by David Cowen on April 11, 2020 Rating: 5

No comments:

All Rights Reserved by Hacking Exposed Computer Forensics Blog © 2014 - 2020
Powered By Blogger, Designed by Sweetheme

Contact Form

Name

Email *

Message *

Powered by Blogger.