Introduction
This time I encountered a classic osint problem when playing ctf. Here I will share how to do this kind of problem.
Topic link:
https://platform.lac.tf/challs
Topic introduction: Can you guess the name of this cat paradise? The answer is the website domain for this location. For example, if the answer is ucla, the flag would be lactf{ucla.edu}
analyze
Download the picture and open it to see a group of cats
surface analysis
The person in the photo looks to be Caucasian. I guess it is in Europe or North America, and the tags around it are all in English. I guess it is a country where English is the main language.
Now check the exif information of this image
What is exif information
When we take pictures, exif can record the attribute information and shooting data of digital photos
exif analysis
Here use the exiftool tool in the kali system to extract the exif information of this picture
exiftool CATS.jpeg
This photo was taken by an iPhone, model iPhone SE
The shooting location is a place called Lanai Cat Sanctuary, the city is called Lanai City, and the country is the United States
You can also see the latitude and longitude information here
20 deg 47' 27.52" N, 156 deg 57' 50.03" W
Get a location and website domain name
The topic asks us to find the official website of the photo organization, here we get the following information
国家:美国
城市:lanai城
地点:lanai猫保护区
经纬度:20 deg 47' 27.52" N, 156 deg 57' 50.03" W
With so much key information, you can find the official website directly with Google, keywords
US Lanai Cat Sanctuary
or by latitude and longitude
The website domain name is: https://lanaicatsanctuary.org/
The flag is:
lactf{lanaicatsanctuary.org}
It is very important to calm down and sort out the extracted information all the time, because osint searches for a specified target in the Internet, just like looking for a needle in a haystack
What to do if there is no exif information
If there is no exif information in the picture, you need to analyze the location through the picture
Suppose you have a picture, but don't know where the picture was taken, no exif data, no useful information, how do we find out where the picture was taken
This is a picture, the difficulty is easy, suppose we want to investigate this picture, what information can we find from it?
In fact, there is a lot of information in this picture
car
这是一辆凯迪拉克汽车,我们可以寻找出售凯迪拉克汽车的地方来缩小寻找的范围
我们还可以看到,这辆凯迪拉克停在路的右侧,方向盘在车辆的左侧,所以可以确定这个国家的汽车方向盘是左边的
我们还可以看这个车牌,可以说明这辆车所在的国家
background
我们可以看见周围有很多雪,说明这张照片不是在南半球或者赤道附近拍的
我们可以根据十字架来判断这是一个教堂
还有一座桥,路灯,路牌,河流
Now we get a lot of information from this photo, first we do a google image search
This may be an image taken in Gothenburg, Sweden. According to our previous environmental analysis, we can further confirm it
and then enter Google Maps. Our keywords are
瑞典哥德堡 教堂
This place marks our judgment
教堂,桥,分岔口,路牌,河流
Successfully found the address through the picture
reverse image search
You can also directly use Google to perform a reverse image search, and find traces of this image on the Internet through the image.
https://images.google.com
Summarize
When doing osint questions, you must calm down, extract and organize effective information from a bunch of information, and some questions are to find someone’s friend or someone’s social account, which also requires analyzing interpersonal relationships and analyzing many details. If you encounter a website that cannot be opened, or someone else has deleted the flag, you can use this website to view the page of the previous time
https://web.archive.org/
This website can view the information of each time period of the specified web page
I have taken a lot of osint tests, the most important thing is the ability to analyze, I wrote a very detailed osint article before, you can go and have a look
https://blog.csdn.net/qq_45894840/article/details/124663918