Ghost Process5_B

Memory Forensic 100 pts standard
Challenge Description

Q5 — Memory Protection of the Injected Code

The memory region used for injection must be writable during setup and executable at runtime — a well-known red flag in forensic analysis.

What memory protection is used for the injected code?

Flag format : HackCTF{PROTECTION_FLAG}

Correct answer unlocks Q6 — Base Address of Injected Code.

Submit Flag

Login to submit a flag.

← All Challenges