473 words
2 minutes
World Wide CTF [OSINT]
2024-12-01
CTF Writeups
OSINT

Bulletproof#

Bulletproof_chall_des_img ⬇️Transaction_Window_Line_System.jpg

Solution#

Looking at the corner of the image, we can see some details that are “a bit blurry,” but clear enough to read: clue_from_img After that, search on Google, and with a bit of effort, we’ll get the result: right_place Go to Google Maps and just copy the address; you’ll get the flag: flag1

FLAG: wwf{3907s12thst_tacoma_wa98405_usa}#


To the sky#

To_the_sky_chall_des_img

Solution#

The person we need to look for is named “Elowen Vaelith.” You’ll easily find him on familiar platforms like:

But I anticipated that, so I intentionally created an account on Tumblr. This platform is very well-known, but it might not be as popular among users like us (‾◡◝) tumblr_account Visit his profile, and you’ll immediately see a post with a riddle about airplanes: riddle During the CTF, some people used AI chatbots to solve the riddle. I tried it before too, but it didn’t give the correct answer (maybe my chatbot was acting dumb )

The intended solution for this challenge is to use this website: https://www.aircraftrecognitionguide.com/identify-aircraft/identify-by-airplane-characteristics

From the details in the post, use the filter to narrow it down to two civilian-use airplanes (click HERE to see the full filter)

preview

So how do we figure out which one is correct? He mentioned that the plane he piloted is about 10 meters long. Try looking up the lengths of these two planes: plane_length

FLAG: wwf{piper_aerostar}#


Identity#

identity_chall_des_img

Solution#

Digging deeper into the accounts we’ve found, we’ll discover an email address from his GitHub profile by adding .patch to the end of the commit URL.
For example: https://github.com/elowenvaelith/fuzzy-octo-garbanzo/commit/469247573c730141ec1848fa1d074c97b34c29eb.patch

email So his email is: th590668@gmail.com
Try sending him an email, and you’ll receive an automatic reply email: auto_reply_email There are plenty of resources analyzing PGP signatures; here’s one of them: https://gaevoy.com/2019/05/10/pgp-signature.html

Use this tool to decode the PGP: https://cirw.in/gpg-decoder
The article above provides a full analysis of the components in a PGP signature after decoding, but here, we only need to focus on the KeyId. decode A quick explanation about KeyId: (from the article) explain In our case, the KeyId is e2792425ca477506. By combining it with Keybase’s API link, we get the complete URL:
https://keybase.io/_/api/1.0/key/fetch.json?ops=4&pgp_key_ids=e2792425ca477506

Access the link, and you’ll get his Keybase username: orionjules keybase_username By accessing Keybase, we can get his real name: realname

FLAG: wwf{orion_jules_stewart}#


Memorial#

emorial_chall_des_img

Solution#

Going back to Tumblr, we will see this post: sister_post_tumblr He mentioned his family, and with a bit of reasoning we can follow the clues to uncover the family tree. fam_tree_web Access the website and using the name we found in the previous challenge, we can find his family tree: https://gw.geneanet.org/th590668?n=stewart&p=orion+jules&type=tree family_tree_search_result And here, we will also find out the favorite song of his sister: https://www.youtube.com/watch?v=-uFQzcY7YHc fav_song

FLAG: wwf{head_in_the_clouds}#

Postscript#

Thank you for diving into my OSINT challenges! I hope this writeup sparks creativity and sharpens your investigative skills for future CTFs.
See you in our CTF next year!

IMPORTANT

Happy hunting! 🔍

World Wide CTF [OSINT]
https://vjz3r.github.io/posts/world_wide_ctf_2024/worldwidectf/
Author
vizer
Published at
2024-12-01
CyberJutsu Christmas 2024 [OSINT]
UIUCTF 2024 [OSINT]
© 2024 vizer. All Rights Reserved.
Powered by Astro & Fuwari