UIUCTF 2024 Writeup - Geoguesser Suite

# UIUCTF 2024 Writeup - Geoguesser Suite Played with [@blackb6a](https://b6a.black/about-us/). # Night That was quite a pretty night view, can you find where I took it? Flag format: uiuctf{street name, city name} Example: uiuctf{East Green Street, Champaign} Some words are blurred out to make the challenge harder, hopefully. Flag format clarification: Use the full type, e.g. Avenue, Street, Road, etc., and include a space between the comma and city name. ## Solution We are given this image, and our goal is to find where this image was taken: ![image](https://hackmd.io/_uploads/rJf1EIJD0.jpg) From the image, here are some things we should be looking out for: * A 3 lane road * A railway * A white building * Skyscraper in the distance * The photo was likely taken through a hole of a mesh screen (notice black parts of the top right and bottom left corner) Although the words on that skyscraper were blurred, if we use `Search by Image` from Google and zoom in on the tower, we can still get some useful results: ![image](https://hackmd.io/_uploads/rJsDNU1DR.jpg) So it seems like that skyscraper is called the Prudential Tower, and it is located in **Boston, Massachusetts**. Now, if we look around the Prudential Tower using [Google Earth](https://earth.google.com), ![image](https://hackmd.io/_uploads/BkAHwU1wR.jpg) We can see that at the bottom left hand-corner, there seems to be something similar to a railroad. If we zoom in and take a look: ![image](https://hackmd.io/_uploads/ByVhwIkwR.jpg) This is the location we are looking for, and the image should be taken on the bridge as there is some kind of fence or mesh on the sides. Flag: `uiuctf{Arlington Street, Boston}` # Chunky Boi Now that's a BIG plane! I wonder where it is. Flag format: uiuctf{plane type, coordinates of the aircraft} Example: uiuctf{Airbus A380-800, 40.036, -88.264} For coordinates, just omit the digits, do not round up. Precision is the same as the one in the example. The aircraft name is the same as Wikipedia page title. You can extract enough information from this image to answer this. You DO NOT need to register any accounts, all the information is public. Flag format clarification: The last digit of the first coordinate is even, and the last digit of the second coordinate is odd. ## Solution We are given this image, and our goal is to find where this image was taken, along with the type of plane in the image: ![image](https://hackmd.io/_uploads/SynBoIkPR.jpg) Looking at the tail of the blue plane, we can see that `77182` is written on it. ![image](https://hackmd.io/_uploads/BymwgMdwA.jpg) Searching for `77182 Plane` gives us the following: ![image](https://hackmd.io/_uploads/BkdhoUJw0.png) Comparing the search results, this does look like the plane we are looking for, so the first part of the flag should be `Boeing C-17 Globemaster III`. Now, since the Boeing C-17 Globemaster III is a military transport aircraft, it might be hard for us to track down it's location. So, let's shift our focus to the orange building in the distance and the plane on the left. ![image](https://hackmd.io/_uploads/rJLw6Lyw0.jpg) The orange building have the words `Prologis`, which is a logistics company. So, we should be looking for an airport that has a Prologis warehouse. On the left side, we have the tail of another plane: ![image](https://hackmd.io/_uploads/B1RjT8yvR.jpg) The airplane on the left has the number N309AS written on it, and this airplane seems to be a commercial plane, so we should be able to track it's flight records online just by some Googling: ![image](https://hackmd.io/_uploads/rkFNAUJwC.png) Looking at the records, it seems that this plane flies between these airports the most: * Portland Airport * Los Angeles Airport * Seattle-Tacoma Airport * Los Cabos Airport So, we can just Google Earth these airports and see if they have a Prologis warehouse. And sure enough, we find this at the **Seattle-Tacoma Airport**: ![image](https://hackmd.io/_uploads/Hk1dywJwR.jpg) Same airplane type, along with the Prologis warehouse. Now, we just need to match the image with Google Map coordinates and we are done (maybe a bit of brute force is needed). Flag: `uiuctf{Boeing C-17 Globemaster III, 47.462, -122.303}` # New Dallas Super wide roads with trains... Is this the new Dallas? Flag format: uiuctf{coordinates of intersection between the rail and the road} Example: uiuctf{41.847, -87.626} Flag format clarification: Use three decimal points of precision, truncate, and do not round. Use Google Maps location for reference. The last digit of the first cooordinate is odd, and the last digit of the second coordinate is even. ## Solution We are given this image: ![image](https://hackmd.io/_uploads/ByfFgP1wA.jpg) We can first take a look at the black car in front: ![image](https://hackmd.io/_uploads/BJCE-Pkw0.jpg) The license plate is completely blue, which is quite common in China. One of our teammates read the last character `众` from it, which is Simplified Chinese, so our guess is that this image was taken somewhere in China. We can also take note of the large road mentioned in the description, which seems to be some kind of highway. :::spoiler Some extra yapping :::info There is also technically a side channel: **r3kapig** was the first team to solve this challenge, much faster than other teams, and they are a CTF team based in China, so this image might be taken in China. -- Yapping from writer, don't take seriously. ::: Now that we have narrowed down our search area, let's focus on the metro: ![image](https://hackmd.io/_uploads/rJgZ7P1wR.png) We can see that the side of the train has green stripes on both above and below its windows. So, our goal is to find a train that matches the description above. Looking at [Wikipedia](https://en.wikipedia.org/wiki/Urban_rail_transit_in_China), we can see that there is a table of urban rail transit in China, and **most** of them are color coded correctly. So, start looking :) After some time, you might be able to find this metro: ![image](https://hackmd.io/_uploads/BJ6SSvywR.jpg) This is the metro that runs on [**Line 2 of the Wuxi Metro (无锡地铁2号线)**](https://en.wikipedia.org/wiki/Line_2_(Wuxi_Metro)), and its design matches with the description we are looking for. So now, we just need to know where this metro travels, follow it on Google Maps, and hopefully find the road, right? Well, there is a slight problem. Since this is China, Google Maps or Earth doesn't really have much Street View we can look at, which makes it kind of hard for us to compare the locations with the image. Therefore, it is recommended to use [Baidu Maps (百度地图)](https://map.baidu.com/), a China version of Google Maps, to look for the location. :::info Bonus Tip To Help With Your Searching If you look at the Chinese version for [Line 2 of the Wuxi Metro](https://zh.wikipedia.org/wiki/%E6%97%A0%E9%94%A1%E5%9C%B0%E9%93%812%E5%8F%B7%E7%BA%BF), it actually does say which stations are underground or above ground, which greatly reduces your search space as there are only 4 stations above ground for Line 2 of the Wuxi Metro. ::: After some searching, you might see this at Yunlin (云林) Station: ![yuj](https://hackmd.io/_uploads/BkoKkdJwR.jpg) There seems to be extra large roads, near Yunlin Station, and if we take a look at the street view: ![image](https://hackmd.io/_uploads/S19j-dJwA.jpg) This is excatly the location we are looking for. Now, we just need to compare the location with Google Maps to get the correct coordinates, and we are done! Flag: `uiuctf{31.579, 120.388}`