Intro
In this TryHackMe room you will be tasked with gathering intel on a target based on an image, you must use Open Source Intelligence to solve the questions.
Scenario
What information can you possibly get with just one photo?
Questions
Q1. What is this users avatar of?
To get started you will need to extra metadata from the photo, this can be done using a tool called Exiftool. This tool needs to be downloaded but I will be using an online version of this tool called ExifMeta. After uploading the image to exifmeta, you will be presented with a list of RAW data pulled from the image's metadata. Right off the bat, I see a few things that catch my eye. XMP-exif:GPSLatitude, XMP-exif:GPSLongitude, and XMP-tiff:Copyright. After Googling OWoodflint the first result should be a twitter user with the profile picture of a cat.
| System:FileName | WindowsXP.jpg |
|---|---|
| System:FileSize | 234081 |
| System:FileModifyDate | 2021:09:24 19:18:32+00:00 |
| System:FileAccessDate | 2021:09:24 19:18:32+00:00 |
| System:FileInodeChangeDate | 2021:09:24 19:18:32+00:00 |
| System:FilePermissions | 100644 |
| File:FileType | JPEG |
| File:FileTypeExtension | JPG |
| File:MIMEType | image/jpeg |
| File:ImageWidth | 1920 |
| File:ImageHeight | 1080 |
| File:EncodingProcess | 0 |
| File:BitsPerSample | 8 |
| File:ColorComponents | 3 |
| File:YCbCrSubSampling | 2 2 |
| XMP-x:XMPToolkit | Image::ExifTool 11.27 |
| XMP-exif:GPSLatitude | 54.2947963 |
| XMP-exif:GPSLongitude | -2.2503684 |
| XMP-tiff:Copyright | OWoodflint |
| Composite:ImageSize | 1920 1080 |
| Composite:Megapixels | 2.0736 |
| Composite:GPSLatitudeRef | N |
| Composite:GPSLongitudeRef | W |
| Composite:GPSPosition | 54.2947963 -2.2503684 |
Q2. What city is this person in?
Q3. What's the SSID of the WAP he connected to?
After finding the targets' Twitter account, you will find the user made a tweet with a BSSID. For this question you will need to head over to a site called WiGLE (a website for collecting information about the different wireless hotspots around the world). Once on the site enter the BSSID in the map search box and hit "Filter". After hitting filter, zoom out on the map and head over to the marked location on the map, once you find the marked location zoom all the way in and you'll find the answers for questions 2 (London) and 3 (UnileverWiFi).
Q4. What is his personal email address?
Q5. What site did you find his email address on?
The answer to questions 4 and 5 can be found by doing a Google search on the targets username and searching through the each link. Eventually you will come across their Github page which has an email on one of their repos.
Q6. Where has he gone on holiday?
Q7. What is this persons password?
The last two questions can be answered by heading over to the targets WordPress blog page, the target states that they are in New York at that point in time. Their is also hidden text on the page that is colored the same color as the background of the webpage (if you don't have a night mode extension enabled)
This was a really fun room and a great room to test your OSINT skills, OSINT is personally one of my favorite aspects of Cyber Security! 😊
I am actively looking for work, feel free to connect with me and lets talk business. Also feedback is appreciated! Thank you!
Connect With Me 🙂
Top comments (0)