Mini note: I didnt solve these challenges in the CTF event
# To the sky
First of all, the description mentioned "social media," so I searched the ones I know, X and Instagram, and discovered these two accounts.
After checking these accounts with WebArchive, I didn't find anything suspicious.
And after searching with whatsmyname, I found his GitHub account.
I checked this link, and it seems to be just a music...
His repo have 2 commits, so I also checked it and found something:
This link redirects to the YouTube link above :v, so we didn't find anything special here either.
---
**Analyze Step**: The description mentions `social media`, and we searched on popular platforms. All three accounts share the same username, but we couldn't find anything new here. Therefore, there might be other accounts on different platforms
---
We need to narrow down the search scope by checking which country he is from
I checked his last name by searching on LinkedIn and found another person with the same last name from France. Therefore, we can conclude that he might be from France.
In my opinion, to achieve the most accurate results, we should use the language of that country for the search.
I searched with `top social media in France`, translated to `les meilleurs réseaux sociaux en France`.
After checking a few platforms, we discovered that he uses this social media that we didnt found by `whatsmyname`: `(https://www.tumblr.com/elowenvaelith)`
I noticed this post
When we searched about the flag format, we can see it is a plane
So our mission is that find the plane he mention in this post.
Just copy and paste that post on `Bing`
So the flag is: `wwf{piper_aerostar}`
# Identity
I found his email through GitHub and sent a random message to this Gmail address. I received the following response:
`https://github.com/elowenvaelith/fuzzy-octo-garbanzo/commit/84344b9ca7bf4bf9616cb7d727aa7c22eff05d00.patch/`
put `.patch/` after the commit and then see it
**Analyze Step**:
- He mention about `message me at`
- about pgp :
So we need to find the app/platform use this pgp
I searched `best pgp app`
There are some app:
The first one is just open source
And `keybase` is the platform to message - right with our analyze:
So this platform have a lot of users, so we can find the account of Elowen Vaelith with that pgp.
First, we need to understand how this platform act:
So, I create account to understand that
So this is my key:
We didnt know what is this key meaning, so we need to find the place to decode this key:
I searched `pgp decoder` and find this one:
So first, I decode my key:
Our key have a lot of part:
Next, I decode the key that I gave from Elowen Vaelith:
So, his key gave the information about signature packet:
So next step, we need to check `signature packet` of our key:
From there, we can notice about `keyid`
That `keyid` is the same with the data in my profile:
So that, when anyone click to your profile, they can see this `keyid`
From there, we can find Elowen Vaelith's profile with this `keyid`
But it didnt work with his keyid but mine is yes, idk why :v
So I have to read the docs about api (the top of my search)
And found this one:
Look at another docs to find the format to use key/fetch:
So it is: `https://keybase.io/_/api/1.0/key/fetch.json?pgp_key_ids=e2792425ca477506`
So his username is: `orionjules`
So we found his real name: `Orion Jules Stewart`
`wwf{orion_jules_stewart}`
# Memorial
So, usually, after found his real name we need to find family tree to find his sister:
He is from France so:
So this is her fav song:
`wwf{heads_in_the_clouds}`
# Bulletproof
In the picture, I flip the photo sideways and look in the window to see 3_07 S Tacoma, 98405
So I search on Google Maps: `Tacoma, 98405`
So that, I know it is Tacoma WA 98405
We just simply brute the miss number: 0-9,
When I searched with "9", google mention about Shell:
So it is: `wwf{3907s12thst_tacoma_wa98405_usa}`
Sign in with Wallet
Connect another wallet