THM write-up: OhSINT
3 minutes to read
Link: https://tryhackme.com/room/ohsint
Thinking about posting your lifestyle, whereabouts and kind of food you are eating right now in social media? Then, you have to be very careful as people can monitoring you from somewhere else. For today post, I’m going to give you a general idea of how people (even FBI) can track you down on social network legally.
We are gonna use only one single picture to find the information about this ‘person’. The picture is shown below:
Task 1: Looking for user avatar
There is no big deal about this picture, just a classic Window XP background. You are absolutely wrong if you think about that way. Let see what inside the picture:
I’m using exiftool to gather all the possible information inside the picture and I found out that this picture is below to someone called OWoodflint. This can happen in reality as you putting a signature/location in your photo. Now, let’s bring out our famous search engine “Google” to find out this person.
So, we have the user’s twitter and WordPress account. Clicking into the twitter link result in this:
Now, we got the avatar of the user. It is a cat!!!!!
Task 2: Where is this person from?
We get another piece of information, the BSSID and where can we put this in use? The hint is wigle.net. Simply put in the BSSID field to reveal the location.
This person is originated from London.
Task 3: The SSID of WAP
All you have to do is keep zooming the map until you get the SSID.
Task 4: Email address
This part is a bit tricky because I have lost track after the wigle.net part. Also, I’m not able to find the email address from the WordPress blog. The only way is to find out who is this person’s friend or what is his/her following with. From the person twitter account, he/she seem interested in programming.
Where is the largest place to gather programmers from all around the globe? The answer is the Github. Searching for OWoodflint will result in:
Now, we found the email address
Task 5: Where is the email address?
Obviously, it is from the Github
Task 6: Where he gone for holiday?
The answer is revealed in the blog post
Task 7: Find the password
This line is hidden after the statement (have to highlight it) or you can find it in the source code.
Conclusion and countermeasure
This conclude all the findings of this person. We are legally obtained the user’s twitter account, living location, lifestyle (he stealing WiFi), email address, current whereabouts and hidden password. It is really creepy that people can stalk you for 24/7. Here are some countermeasures:
- Set the social media privacy (Showing the post to whom you really trust with)
- Never share you living location
- Never share or display your email address publicly
- Only do “throwback” post
- Never reuse the password
Last but not least, stay safe in the world of Internet.
tags: tryhackme - recon - osintThanks for reading. Follow my twitter for latest update
If you like this post, consider a small donation. Much appreciated. :)