Forums
Main Category
General (Technical,...
PC images compariso...
 
Notifications
Clear all

PC images comparison !! how to !

 
General (Technical, Procedural, Software, Hardware etc.)
Last Post by evilcode1 9 years ago
7 Posts
4 Users
0 Reactions
350 Views
RSS
 evilcode1
(@evilcode1)
Estimable Member
Joined: 10 years ago
Posts: 157
Topic starter 03/01/2017 5:11 pm  

hello there …
some one asked me this
he got a laptop for analysis from an org. to check if this laptop has been hacked or not his result after examination is Clean ( not hacked )
the org. want to send the laptop to another one that one is a gamer maybe he will inject a trojan to laptop to show that first person is inexperienced or liar for some aims …

so the question is is there anyway to compare 2 images to find the whole changes on the system aut with free tool ?
or i should do them manually buy getting snapshot from registry and dump the process by using dumpit.exe tool

thats all


   
Quote
 evilcode1
(@evilcode1)
Estimable Member
Joined: 10 years ago
Posts: 157
Topic starter 03/01/2017 10:44 pm  

???

up

up


   
ReplyQuote
jpickens
 jpickens
(@jpickens)
Estimable Member
Joined: 18 years ago
Posts: 130
03/01/2017 10:55 pm  

the org. want to send the laptop to another one that one is a gamer maybe he will inject a trojan to laptop to show that first person is inexperienced or liar for some aims …

not sure I understand. why would someone want to add an exploit or malicious code to see if one existed on the original image?


   
ReplyQuote
 evilcode1
(@evilcode1)
Estimable Member
Joined: 10 years ago
Posts: 157
Topic starter 04/01/2017 12:14 am  

the org. want to send the laptop to another one that one is a gamer maybe he will inject a trojan to laptop to show that first person is inexperienced or liar for some aims …

not sure I understand. why would someone want to add an exploit or malicious code to see if one existed on the original image?

the world is evil D
so any help for take an image and compare it with another image for the same hdd to find what is the differences between both ?


   
ReplyQuote
pbobby
 pbobby
(@pbobby)
Estimable Member
Joined: 16 years ago
Posts: 239
04/01/2017 2:08 am  

Do you care about internal file changes or just the fact that one file is different from another?

If it's the latter - this is a classic file hashing problem that pretty much any 4n6 tool can do.


   
ReplyQuote
Passmark
 Passmark
(@passmark)
Reputable Member
Joined: 14 years ago
Posts: 376
04/01/2017 4:44 am  

OSForensics can compare two images for registry and file system differences. It will spit out a list of files that are new, deleted, changed, or has just had their meta data updated (e.g. dates or attributes)


   
ReplyQuote
 evilcode1
(@evilcode1)
Estimable Member
Joined: 10 years ago
Posts: 157
Topic starter 08/01/2017 12:42 pm  

OSForensics can compare two images for registry and file system differences. It will spit out a list of files that are new, deleted, changed, or has just had their meta data updated (e.g. dates or attributes)

thanks man it's working D


   
ReplyQuote
Forum Jump:
  Previous Topic
Next Topic  
Share: