INTRO
A few days back, I completed an OSINT challenge that was a lot of fun, and that is what this article is about. This is my writeup for the challenge. But first, you may need to know what “OSINT” is.
Open-source intelligence (OSINT) is information collected from public sources such as those available on the Internet. The term isn’t strictly limited to the Internet, though; rather, it covers all publicly available sources.
“Publicly available” means that you can find it with Google or any other search engine. You can also use OSINT tools, for example Maltego, Recon-ng, Metagoofil, and SpiderFoot.
By the way, we have already made a tutorial video on Recon-ng on our YouTube channel.
Whether you watch it is up to you, because we are not going to use that tool here. Maybe some other day, but not in this tutorial.
ATTACK
This is going to be short and simple, and I think that every OSINT challenge is short and simple.
So first, we will look at the hint, or description, whatever you want to call it.
“Can you find something to help you break into the company ‘Evil Corp LLC’. Recon social media sites to see if you can find any useful information.”
Now you can guess what we are supposed to do to get the flag. The hint names a company, “Evil Corp LLC”, and tells us to look at social media sites (Facebook, Instagram, Twitter, LinkedIn, etc.).
Now, open your browser. I am using Chrome here; you can use Mozilla Firefox if you don’t have Chrome.
Try to find some information with Google. Type this in the URL bar: "Evil Corp LLC"
So, we got our first social media link (LinkedIn). Click on it.
And we got a flag, but it was too easy. If we submit this flag, it says “wrong flag”. So, we can try to decode the Base64 string in the flag.
Type this command:
echo "WW91IGNhbiBkbyB0aGlzLCBrZWVwIGdvaW5nISEh" | base64 -d
We can try to submit the flag with this decoded string: htb{You can do this, keep going!!!}
But we are wrong again, which means we need to keep searching for the flag. We scrolled down and found a Twitter account with half a flag and a picture.
We tried the Twitter link first, where we got half of the flag and no hint about the other half. flag: HTB{s are you?
This time we tried the flag in the picture.
But that didn’t work either.
As we can see, all of our attempts have failed. Now, we can use Google dorks.
Type this in the URL bar: "Evil Corp LLC" site:<social media site domain>
You can try all social media sites and see if you get the flag or not.
We tried Instagram: "Evil Corp LLC" site:instagram.com
We got only one result with this, and after looking around, we found the flag in a picture.
You can find the flag in the comments, or you can get the flag from the picture.
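The decode step used earlier in this writeup, generalized into a small helper (an added example, not part of the original writeup): it pulls every HTB{...} candidate out of text copied from the pages you visit, marks cut-off flags as incomplete, and decodes Base64 bodies. The function names and the sample text are constructed for illustration; only the Base64 string comes from the challenge.

```python
import base64
import re

# Flag prefix (any case), a body on one line, and an optional closing brace.
FLAG_RE = re.compile(r"(?i)htb\{([^{}\n]*)(\})?")


def try_base64(body):
    """Return the decoded text if body is strict, padded Base64 of
    printable UTF-8 text; otherwise return None."""
    if len(body) < 8 or len(body) % 4:
        return None  # too short to be meaningful, or not padded to 4
    try:
        # validate=True rejects characters outside the Base64 alphabet
        text = base64.b64decode(body, validate=True).decode("utf-8")
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return None
    return text if text.isprintable() else None


def triage(text):
    """Return (body, status, decoded) for every flag-like string in text.
    status is 'incomplete', 'base64' or 'plain'."""
    results = []
    for match in FLAG_RE.finditer(text):
        body, closed = match.group(1), match.group(2)
        if not closed:
            # No closing brace: only part of a flag, keep looking elsewhere.
            results.append((body, "incomplete", None))
            continue
        decoded = try_base64(body)
        results.append((body, "base64" if decoded else "plain", decoded))
    return results


# Constructed sample of text gathered while browsing. The Base64 string is
# the one decoded above; the other two candidates are made up.
SAMPLE = """\
About: HTB{WW91IGNhbiBkbyB0aGlzLCBrZWVwIGdvaW5nISEh}
Tweet: first half of the flag HTB{constructed_half_
Caption: HTB{constructed_plain_flag}
"""

if __name__ == "__main__":
    for body, status, decoded in triage(SAMPLE):
        print(f"{status:10} {body!r} -> {decoded!r}")
```

A candidate reported as base64 with a readable sentence, like the first one here, is more likely a decoy or a hint than the flag to submit.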
Stay home, stay safe and keep reading our articles.