Planet DesKel

DesKel's official page for CTF write-up, Electronic tutorial, review and etc.

8 August 2020

THM write-up: OhSINT

3 minutes to read

titlecard

Link: https://tryhackme.com/room/ohsint

Thinking about posting your lifestyle, whereabouts and kind of food you are eating right now in social media? Then, you have to be very careful as people can monitoring you from somewhere else. For today post, I’m going to give you a general idea of how people (even FBI) can track you down on social network legally.

We are gonna use only one single picture to find the information about this ‘person’. The picture is shown below:

window

Task 1: Looking for user avatar

There is no big deal about this picture, just a classic Window XP background. You are absolutely wrong if you think about that way. Let see what inside the picture:

exif

I’m using exiftool to gather all the possible information inside the picture and I found out that this picture is below to someone called OWoodflint. This can happen in reality as you putting a signature/location in your photo. Now, let’s bring out our famous search engine “Google” to find out this person.

google

So, we have the user’s twitter and WordPress account. Clicking into the twitter link result in this:

twitter

Now, we got the avatar of the user. It is a cat!!!!!

Task 2: Where is this person from?

We get another piece of information, the BSSID and where can we put this in use? The hint is wigle.net. Simply put in the BSSID field to reveal the location.

wigle

This person is originated from London.

Task 3: The SSID of WAP

All you have to do is keep zooming the map until you get the SSID.

ssid

Task 4: Email address

This part is a bit tricky because I have lost track after the wigle.net part. Also, I’m not able to find the email address from the WordPress blog. The only way is to find out who is this person’s friend or what is his/her following with. From the person twitter account, he/she seem interested in programming.

friend

Where is the largest place to gather programmers from all around the globe? The answer is the Github. Searching for OWoodflint will result in:

github

Now, we found the email address

Task 5: Where is the email address?

Obviously, it is from the Github

Task 6: Where he gone for holiday?

The answer is revealed in the blog post

blog

Task 7: Find the password

This line is hidden after the statement (have to highlight it) or you can find it in the source code.

password

Conclusion and countermeasure

This conclude all the findings of this person. We are legally obtained the user’s twitter account, living location, lifestyle (he stealing WiFi), email address, current whereabouts and hidden password. It is really creepy that people can stalk you for 24/7. Here are some countermeasures:

Last but not least, stay safe in the world of Internet.

tags: tryhackme - recon - osint

Thanks for reading. Follow my twitter for latest update

If you like this post, consider a small donation. Much appreciated. :)


Vortex


© 2020 DesKel