[EN] OhSINT Write-Up

PwnLab.Me

Admin
Katılım
21 Ocak 2024
Mesajlar
202
Tepkime puanı
9
Puanları
18
Yusuf Can Çakır tarafından yazılmıştır.

[EN] OhSINT Write-Up​




Are you able to use open source intelligence for this challenge?​

Room: https://tryhackme.com/room/ohsint

Difficulty: Easy​




Hi folks! we’ll write OhSint room’s writeup with you. Ohsint room will improve about our picture intelligence collection. We’ll collect information using exiftool and wigle website from the picture we have when. This article purpose of writing help to you if you can’t solve this room. Let’s start.

The room asked “What kind of information can you find from only a photo?” and gave a photo for us.

photo given to us in ohsint room
photo given to us in ohsint room

Firstly, we’ll use exiftool frequently used for analyze photos. We will use the code below to use the tool.

exiftool WindowsXP.jpg
use the tool for analysis
use the tool for analysis

The tool gave little information about the photo and Copyright part is important to us. According to the post, the photo belongs to OWoodflint, and we must use this information, so if we search on Google, will appear some information like in the photo below.

Information about OWoodflint
Information about OWoodflint

Let’s examine 3 website one by one. Firstly, we’ll look at the Twitter account. We had translated Turkish for Turkish article, but you may not translate.

OWoodflint's twitter account
OWoodflint’s twitter account

When we look to Twitter profile photo we can learn the answer to the first question, but we must strive for other answers. He’s giving a bssid he uses for free Wi-Fi, and we’ll visit https://wigle.net/ to collect more information. We will add the data where necessary, then must zoom out. You can see a pink point after zoom out and this point is the second flag. If you zoom in to point, you can see the third flag.

bssid analysis on wigle.net
bssid analysis on wigle.net

Our current route is the man’s website, so we’ll enter man’s website. There is only one post on the site and writing “I’m in xxxxxx right now, so I will update this site right away with new photos!”

There is a 6th flag where I censored.

OWoodflint's wordpress blog
OWoodflint’s wordpress blog

But I had caught my attention meta tags in google searches (I had scribbled section in google searches), so I came to the home page of the site, I did “inspect”. I saw it painted black a writing, he tried to hide apparently then I tried to enter this writing in 7th question and I successed

Inspect
Inspect

Finally, I entered to the 3rd site I scribbled in google searches, the following text is writing in site:

people_finder​


Hi all, I am from London, I like taking photos and open source projects.

Follow me on twitter: @OWoodflint

This project is a new social network for taking photos in your home town.

Project starting soon! Email me if you want to help out: [email protected]

The text give answer of 4th question then 5th question want to site of 4th answer, finally machine is over
🙂
 
Moderatör tarafında düzenlendi:
Geri
Üst