  • BlueDolphin

SANS KringleCon Objective 2 Terminal

Objective

Challenge

We speak with Piney Sappington to kick things off as the precursor to objective 2.


He goes on to explain that our help is needed with some forensics. It appears that someone has modified a document on this terminal and we are tasked with finding out.


Perry then goes on to suggest that exiftool is already installed and that someone from the other conference was the likely culprit. He then suggests that if we can help him, a hint will be provided.


Clicking on the terminal we see that Jack Frost has modified one of the files on the naughty/nice records right before Christmas and we are tasked with saving the day.


I started off with a quick check of all files in the directory.


From here I ran exiftool * and all information was printed out. I then found Jack Frost. What I should have done was exiftool * | grep Jack - haha oh well!

The correct way is exiftool * | grep -B 40 "Jack Frost"

-B NUM prints NUM lines of leading context before each matching line.

Answer: 2021-12-21.docx
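The grep -B 40 approach relies on the file name falling inside a fixed window of output. As an added example (not part of the original write-up), the Python below reads the last-modified-by field that a .docx stores in docProps/core.xml and returns the matching file names directly. The sample file names, the "Example Elf" author and the dates are constructed for the demo.

```python
import io, tempfile, zipfile
import xml.etree.ElementTree as ET
from pathlib import Path

# XML namespaces used by docProps/core.xml inside an OOXML (.docx) package.
NS = {
    "cp": "http://schemas.openxmlformats.org/package/2006/metadata/core-properties",
    "dc": "http://purl.org/dc/elements/1.1/",
    "dcterms": "http://purl.org/dc/terms/",
}
FIELDS = {"creator": "dc:creator", "last_modified_by": "cp:lastModifiedBy",
          "modified": "dcterms:modified"}

def core_properties(data: bytes) -> dict:
    """Return the core metadata of a .docx, or {} if it is not a readable package."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as pkg:
            root = ET.fromstring(pkg.read("docProps/core.xml"))
    except (zipfile.BadZipFile, KeyError, ET.ParseError):
        return {}
    return {k: (root.findtext(p, "", NS) or "").strip() for k, p in FIELDS.items()}

def modified_by(directory, name: str) -> list:
    """List the .docx files in `directory` whose last-modified-by field equals `name`."""
    return [p.name for p in sorted(Path(directory).glob("*.docx"))
            if core_properties(p.read_bytes()).get("last_modified_by", "").lower() == name.lower()]

def make_sample(creator: str, editor: str, when: str) -> bytes:
    """Build a constructed, minimal .docx package that contains only core.xml."""
    xmlns = " ".join(f'xmlns:{k}="{v}"' for k, v in NS.items())
    core = (f'<cp:coreProperties {xmlns}><dc:creator>{creator}</dc:creator>'
            f'<cp:lastModifiedBy>{editor}</cp:lastModifiedBy>'
            f'<dcterms:modified>{when}</dcterms:modified></cp:coreProperties>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as pkg:
        pkg.writestr("docProps/core.xml", core)
    return buf.getvalue()

def demo() -> list:
    """Run the search over three constructed files in a temporary directory."""
    with tempfile.TemporaryDirectory() as d:
        Path(d, "sample-a.docx").write_bytes(make_sample("Example Elf", "Example Elf", "2021-01-01T00:00:00Z"))
        Path(d, "sample-b.docx").write_bytes(make_sample("Example Elf", "Jack Frost", "2021-01-02T00:00:00Z"))
        Path(d, "sample-c.docx").write_bytes(b"not a zip archive")  # damaged file is skipped
        return modified_by(d, "Jack Frost")

if __name__ == "__main__":
    print(demo())
```

For files from an untrusted source, parse the XML with a hardened parser such as defusedxml instead of the standard library's ElementTree.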

