OSINT 1 | 100 Points
Answer: The hints in the question are “I Serve”, “Clear Water”, “Fingerprint”
Clear Water is a city in Florida. I wasted the first day in Google Maps, as all the hints provided by them are related to Google Maps. I thought it might be a latitude/longitude... I tried every possibility in Google Maps, but with no success.
On the second day I got this tweet from @upgoingstar. He mentioned online infosec tools and databases.
I tried all the databases, including SHODAN.IO. That is the place. (Here we can relate the hint “I serve” with “What’s my fingerprint”.) Correct, it may be a server running in Clear Water city.
Shodan.io has a city-based search. It lists all the servers running in “clear water”, and luckily only one server is running in Clear Water city. I checked the details and got the fingerprint.
Link: https://www.shodan.io/host/24.96.78.131
Flag: flag{ee:06:bb:c1:48:bc:64:bf:69:d3:ff:6f:b0:89:6a:84}
OSINT 2 | 200 Points
Hints: “7033”, “I have a request”
We have one website and an image. I started with the image content... I googled the number 7033 and got RFC 7033, the WebFinger protocol. The RFC documentation page mentions default requests (Hint: I have one request). I copied the request and tried it on the target website. Boom. Got some information.
SSDEEP(523bd1e47b08cfd4d92cddcbff8e541d)
flag{ssdeep}
Answer: Here I trusted Google once again. I googled the hash and got this: “ViCheck.ca – Malware Hash Index”.
It's a malware hash database. I searched for the hash “523bd1e47b08cfd4d92cddcbff8e541d” and got the ssdeep flag.
Flag : flag{3072:uFvAPdnvdoz91j/q2p4N1m1QmKoEe2TE4lvrNh:uFvAPdnvdoz91rq2p4rm1QdoEe2TE4l/}
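The RFC 7033 request used in OSINT 2, as an added example that is not part of the original write-up: it builds the WebFinger query URL and summarises what a JRD response discloses, which is also how to review what your own endpoint exposes. The host example.com, the account name and the sample response are constructed assumptions, not data from the CTF target.

```python
import json
import urllib.request
from urllib.parse import quote, urlencode

def webfinger_url(host, resource, rels=()):
    """RFC 7033 query: HTTPS to the well-known path, with a percent-encoded
    'resource' and optional repeated 'rel' filters."""
    params = [("resource", resource)] + [("rel", r) for r in rels]
    return f"https://{host}/.well-known/webfinger?" + urlencode(params, quote_via=quote)

def parse_jrd(body, resource):
    """Parse a JSON Resource Descriptor and summarise what it discloses."""
    doc = json.loads(body)
    if not isinstance(doc, dict):
        raise ValueError("JRD must be a JSON object")
    links = [(l.get("rel"), l.get("href") or l.get("template"))
             for l in doc.get("links", []) if isinstance(l, dict)]
    return {
        "subject": doc.get("subject"),
        # A subject that differs from the query means the server
        # canonicalised the identifier; worth noting in a review.
        "subject_matches": doc.get("subject") == resource,
        "aliases": list(doc.get("aliases", [])),
        "properties": dict(doc.get("properties", {})),
        "links": links,
    }

def fetch(host, resource, rels=(), timeout=10):
    """Live query (not called in this example); returns the parsed summary."""
    req = urllib.request.Request(webfinger_url(host, resource, rels),
                                 headers={"Accept": "application/jrd+json"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return parse_jrd(resp.read().decode("utf-8"), resource)

# Constructed sample response (not from the CTF target).
SAMPLE_JRD = json.dumps({
    "subject": "acct:bob@example.com",
    "aliases": ["https://example.com/~bob"],
    "properties": {"http://example.com/ns/role": "employee"},
    "links": [{"rel": "http://webfinger.net/rel/profile-page",
               "href": "https://example.com/~bob"}],
})

if __name__ == "__main__":
    print(webfinger_url("example.com", "acct:bob@example.com"))
    print(parse_jrd(SAMPLE_JRD, "acct:bob@example.com"))
```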