Nullcon HackIM 2017 CTF – OSINT

OSINT 1 | 100 Points



Answer: Hints in questions are “I Serve”, “Clear Water”, “Fingerprint”

Clear Water is a City in Florida, First day I wasted in Google Maps as all the hints provided by them are related to google maps. I thought it may be a latitude/longitude…..I tried each and everything possibilities from google maps but no success.


Second day I got this tweet from @upgoingstar. He mentioned about infosec online tools and database.



I tried all the database including SHODAN.IO. That is the place.  ( Here we can relate the hints “I serve” with “What’s my fingerprint” ) Correct it may be a server running on Clear Water city. is having city based search. It will list all the server running on the “clear water” and luckly only one server is running on clear water city. I checked the details and got the fingerprint.



Flag: flag{ee:06:bb:c1:48:bc:64:bf:69:d3:ff:6f:b0:89:6a:84}

OSINT 2| 200 Points


osint200 (1)


Hints: “7033”, “I have a request”

We have one website and an image. I started with image content…Googled the number 7033 and got RFC 7033 webfinger protocol. In the RFC documentation page default request are mentioned (Hint: I have one request) I copied the request and tried in the target website. Boom. Got some information.

Screenshot_28 Screenshot_4





Answer: Here I trusted Google once again. I googled the hash and got this “ – Malware Hash Index“.

Its a malware hash database. I searched the hash “523bd1e47b08cfd4d92cddcbff8e541d” and got ssdeep flag.



Flag : flag{3072:uFvAPdnvdoz91j/q2p4N1m1QmKoEe2TE4lvrNh:uFvAPdnvdoz91rq2p4rm1QdoEe2TE4l/}