Found while doing forensics on some rediscovered loose flash drives.
this post was submitted on 23 Jan 2024
4 points (100.0% liked)
Programmer Humor
32060 readers
1395 users here now
Post funny things about programming here! (Or just rant about your favourite programming language.)
Rules:
- Posts must be relevant to programming, programmers, or computer science.
- No NSFW content.
- Jokes must be in good taste. No hate speech, bigotry, etc.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
The humor is in the amount of hoops to jump through to get some basic info out using Powershell. Under Linux one would use a single command or just check what the system exposes in the form of a file.
I have no idea how to do forensics under Windows to be honest. You'd probably have to write something to get to the block layer so it can be dumped and analyzed. Perhaps OP can amuse us how he went about it.
It's just one command with a bunch of selects, you could probably just run the first part. I can try it myself later.
There are a lot of software that forensics can use, I don't know how common windows is but considering its usage for everything else in companies and governments, I wouldn't be surprised if forensics use primarily Windows.