In accordance with USSID18, a collection on an American citizen is permitted in cases where the person is reasonably believed to be held captive by a group engaged in international terrorism. As a result, we have obtained a copy of the home directory from the journalist's laptop and are hoping it will contain information that will help us to locate and rescue the hostage. Your first task is to analyze the data and files available in the journalist's home directory.
Downloads:
What is the journalist's username on their computer?
Enter the file name for the encrypted file on the journalist's computer.
- home.zip - Provided zip file
- home/ - Unzipped home directory
- solution.txt - Task solution
Unzip the provided file:
$ unzip home.zip
This extracts what looks like a standard home directory. To get the username:
$ ls home
SkylerHummingbird324
To view the file structure:
$ tree home
home
└── SkylerHummingbird324
├── Documents
│ └── Blog-Articles
│ ├── blogEntry1.txt
│ ├── blogEntry2.txt
│ └── blogIntro.txt
├── Downloads
├── Pictures
│ ├── Pets
│ │ ├── couchChillin.jpg
│ │ ├── loaf.jpg
│ │ └── shenanigans.jpg
│ └── Travels
│ ├── Malta
│ │ ├── BlueGrotto.jpg
│ │ ├── MostaDome.jpg
│ │ └── TritonFountain.jpg
│ └── Wales
│ ├── heatherFields.jpg
│ └── horseFeeding.jpg
├── keychain
└── pwHints.txt
9 directories, 13 files
The only file without a filename extension is keychain. To see what type of file it is:
$ file home/SkylerHumminbird324/keychain
home/SkylerHummingbird324/keychain: GPG symmetrically encrypted data (AES256 cipher)
This confirms that keychain is the encrypted file we're looking for. The answer to the first question is SkylerHummingbird324, the answer to the second is keychain. So far so good!
