Select Page

WriteUp: TryHackMe – OhSINT

TryHackMe Room

Website: TryHackMe.com

Room: OHSINT

Difficulty:              

Tags: Osint, Information Gathering, Metadata, ExifTool

GOAL
******

See how relatively easy it is to find information about you, where you probably don’t expect it.

I mean how much information can you possibly get out of one photo?

What is OSINT?

OSINT is a huge interest of mine. For years now I have improved my research skills – I mean, as a developer you know, Google is your best friend. Then I found out about OSINT and it opened a completely new world for me.

If you don’t know, OSINT stands for Open-Source Intelligence and it is data collected from publicly available sources.

In a world where we interact more and more over the Internet and Social Media Platforms, we need to be more sensitive about our data.
We leave trails of information that can be used to compromise us.

OSINT does exactly this. Searching for publicly available data and using them to find out more about a person or a company. See for yourself how easy it is to connect the dots of “free” data and prepare to be shocked.

There are a lot of OSINT tools and websites out there, a good overview you can find on the website osint-framework.com.

Let’s start gathering information

To start the challenge we need to download an image.
The picture looks a lot like the background image from Windows XP.

So there is no obvious information to find. We need to take a closer look at the metadata.

For this, we use the tool “Exiftool“, a tool that can read, write, and edit meta information in a variety of files.

You can download it here.

You can see that the owner of the image is “OWoodflint”.

The next interesting information is the GPS location of the picture.

Let’s see what we can do with this information.

Online tools to extract metadata

If you have trouble with ExifTool or just want to use a different track, you can get info about images from websites like Jeffrey’s Image Metadata Viewer:

Another site is metapicz:

We start by searching the name we just found. Just a simple request in a search engine should bring some more info.

Note that we get different information depending on the search engine we use.

Important learning here: Use multiple search engines when you search for a term. You might get more useful information.

DuckDuckGo, for example, doesn’t show the Twitter profile of OWoodflint. Without searching on Google too, we would miss an important connection to answer the first question.

Using various search engines, we find a WordPress blog, a GitHub page, and a Twitter profile.

Next, let’s take a look at the website and the social media profiles.

#1  What is this users avatar of?

As we are looking for an avatar, we start with the Twitter profile, and .. tada, there is the answer to our first question.

That one was easy, right?!

Off to the next one.

Answer

cat

#2  What city is this person in?

After looking at the Twitter profile we have some other useful information there (more on this later) but no location, other than “space”.

So back to our search results. Let’s take a look at the GitHub profile. 

Yep, in his repository “people finder” we find a short text with the information we are looking for: OWoodFlint is from London. 

Answer

London

#3 What is the SSID of the WAP he connected to?

The next question is a little more tricky. We need to find out the SSID of the WAP (the Wireless Access Points).

What is an SSID?

SSID stands for Service Set Identifier. It is a 32-character sequence that uniquely identifies a wireless LAN (WLAN).  In short, it is the name of the wireless network.

The next question is a little more tricky. We need to find out the SSID.

Answer

UnileverWiFi

#4  What is his personal email address?

Wait, we have already seen the email address, haven’t we? 

Let’s go back to the GitHub site and, yes, there it is.

Again, easy! If you are thorough in your search and look for every detail.

Answer

OWoodflint@gmail.com

#5  What site did you find his email address on?

Answer

GitHub

#6  Where has he gone on holiday?

As we are looking for an avatar, we start with the Twitter profile, and .. tada, there is the answer to our first question.

That one was easy, right?!

Off to the next one.

Answer

New York

#7  What is this person’s password?

As we are looking for an avatar, we start with the Twitter profile, and .. tada, there is the answer to our first question.

That one was easy, right?!

Off to the next one.

Answer

pennYDr0pper.!

LEARNINGS

First of all, it is scary how much information you can gather with just a simple photo. 
And although I am not very communicative on Social Media, I will definitely think twice with every new post I publish. 

Second, ExifTool was new to me. And a little tricky to install. So I was happy to see that there are online tools available.
But now that I know how to use the tools I want to check some of my own photos and see what kind of information I provide. 

I hope you had as much fun as I had with this challenge. 

See you next time,
Frida <3