Room: Advent of Cyber
Difficulty: Beginner
“Elf Lola is an elf-of-interest. Has she been helping the Christmas Monster? lets use all available data to find more information about her! We must protect The Best Festival Company!”
This challenge focuses on using Open Source Intelligence Techniques to try and find out more about Elf Lola. We are going to be referencing the OSINT Framework, found HERE. It is a good idea to bookmark this resource.
Question #1 What is Lola’s date of birth? Format: Month Date, Year (e.g November 12, 2019)
For this flag, we can simply type Elf Lola into Google. Her Twitter page is one of the first things that comes up.
Her date of birth is clearly available.
You can also see she has a link to her personal blog. Let’s open that in a new tab, since it might be useful for later.
But…let’s pretend looking her up by name didn’t work. An alternative technique would have been to use exiftool on the Grinch photo we downloaded from the question.
Exiftool is used to extract metadata from images. This is text data that is stored in the photo when you take a picture, such as the camera specs that were used, and possibly even info about who took the picture.
If you need to install it on Kali, the command is:
sudo apt install libimage-exiftool-perl
To run exiftool:
exiftool <filepath>
These are the results I got when I ran the photo through:
After this, we could have searched for “JLolax1” using Google, which would have led us right to that same Twitter page.
Another alternative is to use Windows to extract some of this same data. Download the file, right-click, and then choose properties. Under the Details tab we see this:
It’s good to have many options.
Question #2 What is Lola's current occupation?
This next question is pretty easy after you gain access to her public Twitter page. Lola clearly lists her current occupation.
Question #3 What phone does Lola make?
Another easy one. Simply check Lola’s tweets. She is excited about being able to make a certain type of phone, and then sends a Tweet from it.
So far painless, right? Lola is not making this difficult.
Question #4 What date did Lola first start her photography?
For this question, you can utilize the OSINT Framework to find a possible strategy, or recall that the resources attached to the question referenced the Wayback Machine, found HERE.
OSINT path: Archives > Web > Internet Archive: Wayback Machine
If you paste Lola’s website address into Wayback’s search bar, it will return some historical data. We can see when Lola started being active on her website:
Let’s click on October 23, 2019 to see her very first update.
Looks like she is having an anniversary celebration to celebrate her photography career! With this info, we can do some math and find out the flag for Question #4.
Question #5 What famous woman does Lola have on her web page?
For this flag we will download the image (right-click and save it) from Lola’s webpage and then do a reverse image search with Google.
And this is the result we will find:
I hope you saw how easy it was to use basic Open Source Intelligence Techniques to discover a large amount of info about someone in a short amount of time. Did you notice that Lola even had her physical address listed on her website?
Happy Hacking! ❤
