TryHackMe: OhSINT – Walkthrough

It is time to look at the OhSINT box on TryHackMe, a beginner room in which we have to use Open Source Intelligence (OSINT) 🙂

OhSint Room Banner

I am making these walkthroughs to keep myself motivated to learn cyber security, and ensure that I remember the knowledge gained by these challenges on HTB and THM. Join me on learning cyber security. I will try and explain concepts as I go, to differentiate myself from other walkthroughs.

Room URL: https://tryhackme.com/r/room/ohsint


Task 1: OhSINT

It’s time to get started. Let’s start up your AttackBox, and move to the /Rooms/OhSINT directory.

Directory with the image

Alternatively, if you prefer to connect to the machine by using OpenVPN, use the following command:

sudo openvpn <file_name>.ovpn

Then download the files found on the room URL. With that out of the way, let’s get started.

Questions

1. What is this user’s avatar of?

Let’s have a look at the image. Run the following command to open the image:

xdg-open WindowsXP.jpg

It’s the default background all the way from Windows XP:

Good old Windows XP background

There must be some kind of secret hidden in this file.

Let’s start by looking at the file type with the file command. There may be times when you are given a file that has an incorrect extension to add confusion and misdirection.

file WindowsXP.jpg

WindowsXP.jpg: JPEG image data, baseline, precision 8, 1920x1080, frames 3

This seems normal.

Next up is checking metadata with exiftool.

exiftool WindowsXP.jpg

Exif information

Hmm, the copyright entry seems interesting. OWoodflint. This sounds like a username.
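
The file-type check and the metadata read above, as an added Python example (not part of the original walkthrough): it verifies the JPEG magic bytes and pulls identifying ASCII tags such as Copyright out of the Exif block, which is also a useful check on your own images before you publish them. The function names and the constructed sample image are assumptions made for illustration.

```python
import struct

# IFD0 ASCII tags that commonly carry identifying text
TAGS = {0x010F: "Make", 0x0110: "Model", 0x0131: "Software",
        0x013B: "Artist", 0x8298: "Copyright"}
GPS_IFD = 0x8825  # pointer to the GPS sub-IFD

def exif_tiff(data):
    """Return the TIFF block of the first Exif APP1 segment, or None."""
    if data[:2] != b"\xff\xd8":  # SOI marker, the magic bytes `file` checks
        raise ValueError("not a JPEG")
    pos = 2
    while pos + 4 <= len(data) and data[pos] == 0xFF:
        marker = data[pos + 1]
        length = struct.unpack(">H", data[pos + 2:pos + 4])[0]
        body = data[pos + 4:pos + 2 + length]
        if marker == 0xE1 and body[:6] == b"Exif\x00\x00":
            return body[6:]
        if marker == 0xDA:  # start of scan: headers are over
            break
        pos += 2 + length
    return None

def identifying_tags(data):
    """Map tag name -> text for IFD0 ASCII tags; note a GPS sub-IFD."""
    tiff = exif_tiff(data)
    if tiff is None:
        return {}
    e = "<" if tiff[:2] == b"II" else ">"  # TIFF byte order
    ifd0 = struct.unpack(e + "I", tiff[4:8])[0]
    count = struct.unpack(e + "H", tiff[ifd0:ifd0 + 2])[0]
    found = {}
    for i in range(count):
        off = ifd0 + 2 + 12 * i
        tag, typ, n = struct.unpack(e + "HHI", tiff[off:off + 8])
        if tag == GPS_IFD:
            found["GPS"] = "present"
        elif tag in TAGS and typ == 2:  # ASCII: <=4 bytes inline, else at offset
            start = off + 8 if n <= 4 else struct.unpack(e + "I", tiff[off + 8:off + 12])[0]
            found[TAGS[tag]] = tiff[start:start + n].rstrip(b"\x00").decode("ascii", "replace")
    return found

def sample_jpeg(text):
    """Constructed sample: SOI + Exif APP1 holding one Copyright tag + EOI."""
    value = text.encode() + b"\x00"
    tiff = b"MM\x00\x2a" + struct.pack(">IH", 8, 1)  # header, IFD0 at 8, 1 entry
    tiff += struct.pack(">HHII", 0x8298, 2, len(value), 26) + b"\x00" * 4 + value
    body = b"Exif\x00\x00" + tiff
    return b"\xff\xd8\xff\xe1" + struct.pack(">H", len(body) + 2) + body + b"\xff\xd9"
```

Calling identifying_tags(open("WindowsXP.jpg", "rb").read()) runs the same check on the room's image.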

Some quick googling brings us the following result:

Googling for Owoodflint

We find the following Twitter (X) account:

We found Oliver’s X profile

We found the answer.

Answer: cat


2. What city is this person in?

Let’s move on.

A quick look around on this profile shows an interesting post:

Interesting X tweet

It mentions a BSSID with the number B4:5D:50:AA:86:41. BSSID stands for Basic Service Set Identifier, and it’s the MAC (Media Access Control) physical address of the access point or wireless router that is used to connect to the WiFi.

Some quick searching on “BSSID lookup” brings us to the WiGLE service. Here we can search on a BSSID and the homepage should find some saved location data for this wireless access point.

WiGLE homepage

We find the WAP we are looking for is located in central London.

Answer: London


3. What is the SSID of the WAP he connected to?

We found this answer as well!

WAP SSID

Its SSID is ‘UnileverWiFi’.

Answer: UnileverWiFi


4. What is his personal email address?

That’s all for the wireless access point. I continued by searching for his username again, and I found two more interesting pages about this person.

First is a personal blog:

https://oliverwoodflint.wordpress.com/author/owoodflint

Which does not seem to contain anything interesting at first glance.

But remember his X profile said that he liked contributing to open source projects? There must be a Github account out there. And sure enough I found one:

https://github.com/OWoodfl1nt/people_finder

And even better, it mentions his email address:

OWoodflint@gmail.com

Answer: OWoodflint@gmail.com


5. What site did you find his email address on?

This is going great. We can even answer this question straight away. It is Github obviously.

Answer: Github


6. Where has he gone on holiday?

Now that I read this question, I remember his personal blog. He did write something about a holiday:

https://oliverwoodflint.wordpress.com

Oliver wrote that he went to New York. And sure enough, this is the answer:

Answer: New York


7. What is the person’s password?

And here we go, the final question!

We need to find his password. I first looked at the Github source code, but nothing of interest there. All I found was a previous commit in which he wrote his email. But we already have that.

We did not find anything of interest on his homepage yet, so let’s have a better look. Let’s have a look at the source code.

….

This was a tough one, but after a lot of looking around I found the following:

Source code treasures

This sounds like a password. And YES, it is correct.

Answer: pennYDr0pper.!


Finished!

We are done. This was quite fun, but I feel like the last answer was a bit tedious.
I hope you enjoyed this walkthrough on the OhSINT room on TryHackMe.
But great job for following along. Jasper out!


Happy Hacking!
