Let’s use some Open Source Intelligence to solve this TryHackMe challenge.
I’ll first try giving a bit of context about what Open Source Intelligence is.
Often abbreviated as OSINT, this is a process of collecting and analyzing information from publicly available sources to gather valuable insights and intelligence. These sources can include websites, social media platforms, news articles, public records, and any information that is accessible to the general public.
OSINT is used for various purposes, including cybersecurity, threat analysis, investigative journalism, competitive intelligence, and more.
On this task we are being provided with a single file(image) and we’ll have to use OSINT to find the answer for each challenge.
What is this user’s avatar of?
Oppening the Image in editor, we see this is the well known WindowsXP wallpaper. There’s nothing to look at for retrieving the answer to any of the questions.
Next, i’m using exiftool to see if there’s any hidden info in the image metadata. Exif Data reveals lots of info. The author’s name “Owoodflint” would be a good starting point to look for.
We get multiple results on google, including a blog a Twitter and a GitHub account.
On the Twitter account we can see the profile picture, hence we have the answer to the first question. Also, in a tweet, he’s sharing he’s nearby WiFi bssid (Basic Service Set Identifier - it’s the MAC physical address of the access point or wireless router)
Having this information, we can find out a lot more on wigle.net, searching for bssid B4:5D:50:AA:86:41.
What city is this person in and what is the SSID of the WAP he connected to?
Looking up the bssid on wigle.net, we easily determmine that he’s located in London and the name of the Network/SSID he connected to is “UnileverWiFi”
What is his personal email address?
Moving on, we need to find his email address. Looking on the blog or GitHub account might be a good idea
There’s no email on the blog but there’s something that looks like a password, camouflaged in the page content using white color(given by the #ffffff in the page source). We’ll see if this comes handy later in the challenge.
Inspecting the GitHub account page, we find an email address associated with the person.
Where has he gone on holiday and what is the person’s password?
The answer for these 2 questions we already have it, just look back on his blog.
This was an easy & fun room to exercise some OSINT skills!