#forensics CTF

you using linux or windows?

macos

what i opeing the file with VM

(windows)

I think on macos you can run stat <filename>

thank you so mush
gosh i just wanna to learn how you do that so fast

I'm using Linux almost exclusively for over 2 years now. these CTFs are very very basic and just requires some utility commands knowledge

alr thanks :))))

ummm the thing the command shows when the file was downloaded to my pc
but i need to give the last modeifed date of the file they gave me to download

doesn't it gives that as well?

ohhh my bad

ls -l file shows modification time

it is

sorry

is there maye a diffrent way to check it cuz when i submitting the answer still telling me im wrong
i can tell this CTF kinda middle level and not beginners

i was thinking that IDA can help me but nothing

IDA is an overkill and I don't think it can be used for this case since modification date and stuff are considered shadow data or whatever it's called and is stored on something called Inode (at least on Ext4)

maybe wrong format?

umm no
they can hide the date in inside the file they really like do that to confuse ppl
or maybe something else

I don't understand much in binaries but I don't think it'd make sense to hide modification date in data...

maybe we're a bit confused about the objective

run strings <filename>

yeah i know about strings
in this case doesn't really helping and gives random stuff

can you send the link of the ctf?

umm this ctf is locked only for my school students
can we maybe go to dm

pls

sure