This was a category which required users to use there OSINT skills to get the flags , and I'll be writing a writeup of how each challenge was solved!
---
### Winged Companion
This challenge was made by thecybersamurai , the description was:
```text
My name is derived from a mythical winged greek creature. I have the ability to infiltrate your device and have access to your SMS, Emails , Whatsapp, Photos And Videos, GPS Data , Activate Microphone, Record calls, Calendar and Contact Books, Who Am I??
```
first we break down the keywords `mythical - winged - greek creature` that brings us to pegasus if you google that , and then pegasus is a spyware hehehe , So the flag was :
```h4k-it{pegasus}```
---
### GameOfHacks
This other challenge was also made by the cybersamurai , where the description was:
```text
How many times was I (game of hacks) hosted , and when was the first time I made an entrace to the cybersecurity community?
```
So basically for those who participated in last years competition they surely did get this one quick , the first time an entrace was made was in 2020 and a total of times hosted is 2 so the answer is :
```h4k-it{2020-2}```
----
### From Zero To Hero
This was also made by the cybersamurai , it was clearly an easy one , description was:
```text
I was the most wanted man for various computer and communication hacks in my days and now I am a cybersecurity expert , who am I?
```
Straight to the answer is `Kevin Mitnick`
---
### tahaafarooq
This was a challenge that I myself had made , the description was as follows:
```text
Can you find the secret tahaafarooq hides? He always brags about this social media network where he shows off his pojects!
```
so basically the main idea was the player to find a social media network that I personally use to brag about my projects, where as definetly not facebook, instagram , or twitter , it's github.
Visiting my github profile there is a repository which has two files `README.md` and `index.html` opening the index.html on the web we see it says no flag here:
```html
<html>
<head>
<title>tahaafarooq</title>
</head>
<body>
<div class="main">
<h1 align="center">Still On Progress</h1>
<p align="center">No flag here!</p>
</div>
</body>
</html>
```
Decided to git clone the whole repository , and change my directory inside it , then I start checking the logs:
```
┌─[tahaafarooq@cyberwarriors]─[~/Desktop/gameofhacks/osint/tahaafarooq/tahaafarooq.github.io]
└──╼ $git log
commit d9d4f128fc23c7a56ef5c841847a788a166b4204 (HEAD -> main, origin/main, origin/HEAD)
Author: Tahaa Aqil <49201347+tahaafarooq@users.noreply.github.com>
Date: Sun Sep 19 14:33:57 2021 +0300
Update README.md
commit b200265b0a7c79ca17b15fb905bfb70f03ca1286
Author: Tahaa Aqil <49201347+tahaafarooq@users.noreply.github.com>
Date: Sun Sep 19 14:32:27 2021 +0300
Create index.html
commit d52ddcded1901d8ef67b8d22179c8d84bb68f17e
Author: Tahaa Aqil <49201347+tahaafarooq@users.noreply.github.com>
Date: Sun Sep 19 14:27:30 2021 +0300
Update README.md
commit b82f9612736cdd17f039f918a28a27897675a211
Author: Tahaa Aqil <49201347+tahaafarooq@users.noreply.github.com>
Date: Sun Sep 19 14:27:12 2021 +0300
Update README.md
commit dd8c25f0ba32d21975f55d57be3b978a120170ff
Author: Tahaa Aqil <49201347+tahaafarooq@users.noreply.github.com>
Date: Sun Sep 19 14:25:52 2021 +0300
Initial commit
```
we see that there are changes made in README.md 3 times, so let's try and check for the latest change using `git show`:
```
┌─[tahaafarooq@cyberwarriors]─[~/Desktop/gameofhacks/osint/tahaafarooq/tahaafarooq.github.io]
└──╼ $git show
commit d9d4f128fc23c7a56ef5c841847a788a166b4204 (HEAD -> main, origin/main, origin/HEAD)
Author: Tahaa Aqil <49201347+tahaafarooq@users.noreply.github.com>
Date: Sun Sep 19 14:33:57 2021 +0300
Update README.md
diff --git a/README.md b/README.md
index 1b01480..8d93529 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
# tahaafarooq.github.io
Just my personal blog
-h4k-it{w0w_wh0_kn3w_y0u_g00t_l33t5killS}
+nothing to read here
```
`h4k-it{w0w_wh0_kn3w_y0u_g00t_l33t5killS}`
---
### H4K-IT 2021
This was quiet a challenge , the description was:
```text
@tahaafarooq#9056 , mentioned something interesting ! I think you should check it out!
#ROAD TO MAIN EVENT
```
Okay so the word `metioned` is calling for attention , where would I have mentioned something interesting, twitter?? linked in?? , or discord??, so going to discord in #announcements channel and scrolling up there is a mention that I did where I wrote ROAD TO MAIN EVENT:
so downloaded that image , and then used exiftool to see if there is anything that is attached to the metadata:
```text
┌──(tahaafarooq㉿blacktek)-[~/Desktop/solve_gameofhacks/osint]
└─$ exiftool event_banner.jpg
ExifTool Version Number : 12.34
File Name : event_banner.jpg
Directory : .
File Size : 34 KiB
File Modification Date/Time : 2021:11:21 12:53:05+03:00
File Access Date/Time : 2021:11:21 12:53:05+03:00
File Inode Change Date/Time : 2021:11:21 12:53:05+03:00
File Permissions : -rw-r--r--
File Type : JPEG
File Type Extension : jpg
MIME Type : image/jpeg
JFIF Version : 1.01
Resolution Unit : None
X Resolution : 1
Y Resolution : 1
Image Width : 462
Image Height : 345
Encoding Process : Baseline DCT, Huffman coding
Bits Per Sample : 8
Color Components : 3
Y Cb Cr Sub Sampling : YCbCr4:2:0 (2 2)
Image Size : 462x345
Megapixels : 0.159
```
but nothing so I now use steghide to see if there is anything embedded to it:
```text
┌──(tahaafarooq㉿blacktek)-[~/Desktop/solve_gameofhacks/osint]
└─$ steghide --info event_banner.jpg
"event_banner.jpg":
format: jpeg
capacity: 1.8 KB
Try to get information about embedded data ? (y/n) y
Enter passphrase:
steghide: could not extract any data with that passphrase!
```
and looks like there is something embedded itno it but requires a password , so I now crack it using stegseek , I was able to get the password from the wordlist `2020-200_most_used_passwords.txt` from SecList.
and got the flag as `h4k-it{britishcouncil}`
---
### Internet Puzzle Mystery
This was pretty straightforward the image explained it self , all the player had to do was to just google the image and it would come there as `cicada 3301` which was also the flag:
`h4k-it{cicada 3301}`
___
### THE END
Sign in with Wallet
Connect another wallet