Site = TryHackMe
Creator = SecurityNomad
Diff = š
Basic Summary:
The room is based on using basic ohsint skills to get information a target.They provided us a picture.And using the exif metadata we get a username and then searching for accounts with that username we get a Twitter account, github, wordpress blog. We get a bssid from the twitter account, using it we get the targets location.Then going to github we get a email address and the targetās city name. Moving to the wordpress page we have a weird looking string on the main page and its the targetās password.
They gave us the following image:
Nostalgic WINDOWS XP!!!!!!!!!!!!!!!!
The basic methodology begins with checking for exif metadata.Its basically the data attached with an image that tells alot about the image.
Lets Google the Name.
as we can see thereās 3 paths to check.Lets check the twitter first.
Well a bssid.Lets search for it in wigle.net. In a nutshell Wigle.net is database of wiresless stuff such as wifi,radio,etc.
Its in London.Lets move to Github.
We got his email and his city.Cool isnāt it.To his Blog we go!!!
Well according to the blog heās in NYC. And the weird string looks like a password.
Thanks for reading š š
HAPPY HACKIN.
and LEARN OHSINT!!! its cool stuff