OhSint

THM OhSINT

Task 1 : OhSINT

Question 1 : What is this users avatar of?

Since this is not a Jpeg format, exif didn’t return anything useful, let’s try with exiftool. Since it does not come preinstalled we will need to manually install it.

Once the installation finishes we can use the tool

# apt install libimage-exiftool-perl -y 
# exiftool /"path_to_image"

Using exiftool we managed to find something of value, a copyright name. Googling the name returned a Twitter account.

Answer 1 : Cat


Question 2 : What city is this person in?

Hint

BSSID + Wigle.net

Using Wigle.net to search for the bssid we got from the Twitter account’s comments, Wigle also found the SSID of the WaP he connected to.

Answer 2 : London

Question 3 : Whats the SSID of the WAP he connected to?

Answer 3 : UnileverWiFi


Question 4 : What is his personal email address?

Once again, Google is our friend.

Navigating to the git repo reveals the user’s email.

Answer 4 : OWoodflint@gmail.com

Question 5 : What site did you find his email address on?

Answer 5 : github

Question 6 : Where has he gone on holiday?

From the above google search, we found a wordpress website mentioning that the user is currently in New York.

Answer 6 : New York


Question 7 : What is this persons password?

So for this I went back to the github project, convinced that it had something to do with the changes on the project, after an hour of messing with everything on the user’s repo I gave up on the github and visited the wordpress website.

I am not going to lie and say that I inspected the source code and found the password. The truth is that I was highlighting the text while I read (something that I always do) and I accidentally stumbled upon the first few letters of the password, so here it is.

Answer7 : pennYDr0pper.!


This was a pretty fun room and a rare challenge on OSINT, catch you on the next one.