mirror of
https://github.com/AbdullahRizwan101/CTF-Writeups
synced 2024-11-22 03:53:03 +00:00
Add files via upload
This commit is contained in:
parent
bb371c2ce6
commit
74d1b46615
1 changed files with 104 additions and 0 deletions
104
TryHackMe/OhSINT.md
Normal file
104
TryHackMe/OhSINT.md
Normal file
|
@ -0,0 +1,104 @@
|
|||
# TryHackMe-OhSINT
|
||||
|
||||
> Abdullah Rizwan | 11 th September , 07 : 44 PM
|
||||
|
||||
|
||||
This is a OSINT box where we have to analyze information only through image provided to us.
|
||||
|
||||
|
||||
This is the image from which we have to extract data from.
|
||||
<img src="https://imgur.com/BzGUlrw.png" />
|
||||
|
||||
I ran `exiftool` to see information of the image and found a name `OWoodflint`
|
||||
|
||||
<img src="https://imgur.com/rbwGIkc.png" />
|
||||
|
||||
1. What is this users avatar of?
|
||||
|
||||
<img src="https://imgur.com/He8utTL.png" />
|
||||
|
||||
```
|
||||
Cat
|
||||
```
|
||||
|
||||
2. What city is this person in?
|
||||
|
||||
By googling the name `OWoodflint` I was able to find his twitter account and there he shared his Wifi BSSID (Basic Service Set Identifer / MAC).
|
||||
|
||||
<img src="https://imgur.com/He8utTL.png" />
|
||||
|
||||
Also we can find two a base 64 encoded text
|
||||
|
||||
<img src="https://imgur.com/Oj3tWxM.png" />
|
||||
|
||||
By using https://gchq.github.io/CyberChef/
|
||||
|
||||
<img src="https://imgur.com/2zdBC3o.png" />
|
||||
|
||||
|
||||
Then by googling the MAC it self I found `wigle.net` which is ISP in London.
|
||||
<img src="https://imgur.com/9NA0YCv.png" />
|
||||
|
||||
Alternatively you can find his github account
|
||||
|
||||
<img src="https://imgur.com/U0iAm3J.png" />
|
||||
|
||||
```
|
||||
London
|
||||
```
|
||||
|
||||
3. Whats the SSID of the WAP he is connected to?
|
||||
|
||||
From the result of `exiftool` we know the coordinates `54 deg 17' 41.27" N, 2 deg 15' 1.33" W`
|
||||
|
||||
By converting them
|
||||
|
||||
<img src="https://imgur.com/Jb6IqP8.png" />
|
||||
|
||||
Register an account on `wigle.net` and find search in `London` with bssid `B4:5D:50:AA:86:41`.
|
||||
|
||||
<img src="https://imgur.com/UW4nGXs.png" />
|
||||
|
||||
|
||||
|
||||
```
|
||||
UnileverWiFi
|
||||
|
||||
```
|
||||
|
||||
4. What is his personal email address?
|
||||
|
||||
<img src="https://imgur.com/U0iAm3J.png" />
|
||||
|
||||
```
|
||||
OWoodflint@gmail.com
|
||||
```
|
||||
|
||||
5. What site did you find his email address on?
|
||||
|
||||
```
|
||||
Github
|
||||
```
|
||||
|
||||
|
||||
6. Where has he gone on holiday?
|
||||
|
||||
We can also find his WordPress Blog
|
||||
|
||||
<img src="https://imgur.com/XPGfeSz.png" />
|
||||
|
||||
```
|
||||
New York
|
||||
```
|
||||
|
||||
7. What is this persons password?
|
||||
|
||||
By looking at WordPress source scrolling thorugh we can find his password.
|
||||
|
||||
|
||||
<img src="https://imgur.com/6HO6VIT.png" />
|
||||
|
||||
|
||||
```
|
||||
pennYDr0pper.!
|
||||
```
|
Loading…
Reference in a new issue