Hack the Box: ID Exposed

Challenge Lab: OSINT

Difficulty: Medium

“We are looking for Sara Medson Cruz’s last location, where she left a message. We need to find out what this message is! We only have her email: saramedsoncruz@gmail.com”

I started my search by Googling the name “Sara Medson Cruz”. My first result was Facebook, and I saw this:

But that turned into a dead end, just like my Google Dorking through random social media accounts.

I floundered around for a bit, unsure of where to turn. Then I searched “Find someone’s location with just their email address OSINT” and found a very interesting YouTube video. Click HERE if you would like to watch it yourself.

Following the video directions, I created my new contact:

Then highlighted and right-clicked on Sara’s email, choosing “Inspect Element”.

I got super excited because it seemed like everything fit in with the challenge at this point, however, it did not actually work out in this case. Sara does not have the second line we needed, the one that was shown in the video:

I was disappointed, but I felt like I was on the right track.

Eventually, I came across this article HERE, which expanded upon the YouTube video in various ways, along with this blog post HERE.

The most straight forward source I found though, was this simple Reddit post HERE which utilized Google Hangouts.

Piecing together info from all of those sources, this was my method:

Head on over to Google Hangouts.

First, with the developer tools open (right click anywhere and choose “Inspect Element”), I input Sara’s email in the search bar:

You should now see something like this at the bottom of the dev tool area, in the “Inspector” tab:

Do you see this line? “div oid=117395327982835488254”? Click on that long number and you will be able to copy it.

Next, we want to open up this web address:

google.com/maps/contrib/117395327982835488254

What do we have here?

Click on reviews and you will see this:

So we found out that Sara was at a Football Museum in São Paulo.

Happy Hacking! ❤

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Samantha

Samantha

CTF Writeups to facilitate cyber education.