This is my TryHackMe walkthrough, created to document my learning journey and share solutions with the community. The writeups include a mix of hints, step-by-step explanations, and final answers to help players who get stuck, while still encouraging independent problem-solving.
Intro to Digital Forensics Room - Learn about digital forensics and related processes and experiment with a practical example.
Overview
- Room URL: https://tryhackme.com/room/introdigitalforensics
- Difficulty: Easy
- Time to complete: 90
Walkthrough
1. Introduction To Digital Forensics
Consider the desk in the photo above. In addition to the smartphone, camera, and SD cards, what would be interesting for digital forensics?
=> Answer: laptop
2. Digital Forensics Process
It is essential to keep track of who is handling it at any point in time to ensure that evidence is admissible in the court of law. What is the name of the documentation that would help establish that?
=> Answer: Chain of Custody
3. Practical Example of Digital Forensics
Using
pdfinfo, find out the author of the attached PDF file,ransom-letter.pdf.
cd /root/Rooms/introdigitalforensics
pdfinfo ransom-letter.pdf
=> Answer: Ann Gree Shepherd
Using exiftool or any similar tool, try to find where the kidnappers took the image they attached to their document. What is the name of the street?
exiftool letter-image.jpg
- You can find the GPS location:
51°30'51.9"N 0°05'38.7"W - Search it on Google Maps
=> Answer: Milk Street
What is the model name of the camera used to take this photo?
=> Answer: Canon EOS R6