Lesson 13 - Cryptography assignment
Lab 12
Files Download here
1. Start OSForensics. If prompted to allow the program to make changes to
your computer, click OK or Yes . In the OSForensics message box, click
2. Continue Using Free Version.
3. Mount the InCh05.img file
4. In the main window, click Manage Case in the navigation bar on the left,
if necessary. In the Select Case pane on the right, double-click InChap05 if
a green checkmark isn’t displayed next to it.
5. 4. In the navigation bar on the left, click Passwords . In the pane on the right,
click the Find Browser Passwords tab, if necessary. Click the Scan Drive
button, and then click the drive letter for the InCh05.img mounted
virtual drive.
6. In the navigation bar on the left, click Retrieve Passwords . In the pane on the
right, right-click the first item and click Export List to Case . In the Title text
box, type Denise Robinson’s additional e-mail and password , and then click
OK . Repeat this step for all browser passwords that were recovered.
6. In the Passwords window, click the Windows Login Passwords tab. Click
the Scan Drive button, and then click the drive letter for the InCh05.img
mounted virtual drive.
7. 7. Click Retrieve Hashes , and then click Save to File . In the Save to dialog
box, navigate to your work folder, type Denise-Robinson-Win-Passwords-
Hashes in the File name text box, and then click Save .
8. In the navigation bar on the left, click Manage Case . In the Manage Current
Case pane on the right, click the Add Attachment button. Navigate to
where you saved the Denise-Robinson-Win-Password file, click the file,
and click Open . In the Export Title text box, type Denise-Robinson-
Win-Passwords , and then click Add .
9. In the navigation bar at the top, click Generate Report . In the Export
Report dialog box, click OK . If you get a warning message that the report
already exists, click Yes to overwrite the previous report.
10. Exit OSForensics, and print the report displayed in your Web browser.
Turn the report in to your instructor.