Return to topic cards

Understanding Cybersecurity Challenges

OSINTCybersecurityMetadata AnalysisSocial Media InvestigationPassword Discovery

This guide walks you through a cybersecurity challenge using open-source intelligence (OSINT) techniques. You will learn how to gather information from various sources to solve a series of questions.

Key Points

  • OSINT Techniques: Utilize open-source intelligence to gather information.
  • Tools and Commands: Use tools like exiftool and online platforms like Google, Twitter, GitHub, and Wigle.net.
  • Data Extraction: Extract metadata from images and analyze social media profiles.
  • Practical Application: Apply these techniques to solve real-world cybersecurity challenges.

Challenge Overview

Download Task File

  • File: A picture of Windows XP wallpaper (WindowsXP.jpg).

What is this user's avatar of?

  1. Use the command:

    exiftool WindowsXP.jpg

  2. Analyze the output:

    ExifTool Version Number         : 11.88
File Name                       : WindowsXP.jpg
Directory                       : .
File Size                       : 229 kB
File Modification Date/Time     : 2022:09:02 08:48:02+01:00
File Access Date/Time           : 2025:03:30 12:59:20+01:00
File Inode Change Date/Time     : 2022:09:02 08:48:11+01:00
File Permissions                : rw-rw-r--
File Type                       : JPEG
File Type Extension             : jpg
MIME Type                       : image/jpeg
XMP Toolkit                     : Image::ExifTool 11.27
GPS Latitude                    : 54 deg 17' 41.27" N
GPS Longitude                   : 2 deg 15' 1.33" W
Copyright                       : OWoodflint
Image Width                     : 1920
Image Height                    : 1080
Encoding Process                : Baseline DCT, Huffman coding
Bits Per Sample                 : 8
Color Components                : 3
Y Cb Cr Sub Sampling            : YCbCr4:2:0 (2 2)
Image Size                      : 1920x1080
Megapixels                      : 2.1
GPS Latitude Ref                : North
GPS Longitude Ref               : West
GPS Position                    : 54 deg 17' 41.27" N, 2 deg 15' 1.33" W

  3. Search for OWoodflint on Google to find the Twitter account. The profile picture is a cat.

    Answer: cat

What city is this person in?

  • On Google, find the GitHub account where it states: Hi all, I am from London.

    Answer: London

What is the SSID of the WAP he connected to?

  • On the Twitter account, the last post mentions:

    From my house I can get free wifi ;D

Bssid: B4:5D:50:AA:86:41 - Go nuts!

  • Use Wigle.net to find the SSID.

    Answer: UnileverWiFi

What is his personal email address?

  • Found on the GitHub page.

    Answer: OWoodflint@gmail.com

What site did you find his email address on?

Answer: github

Where has he gone on holiday?

  • Found on his blog.

    Answer: New York

What is the person's password?

  • Inspect the blog's source code to find:

    <p style="color:#ffffff;" class="has-text-color">pennYDr0pper.!</p>

    Answer: pennYDr0pper.!