My Experience with Searchlight — IMINT TryHackMe Challenge

Mocokoco
Jan 31, 2021

This was my first introduction to OSINT CTF/challenge sorts of games, so I had no idea what I was doing when I started this. Also, this is my first time ever doing a write-up of any sort, so this should be fun. Pretty much, I’m going to run through how I found the solutions for these problems and explain my methodology. I never knew this sort of field existed within cybersec, and I’m glad I found it because it plays to my hyper-curious strengths well. I will not be giving straight-up answers; there are other posts out there which have them available. This is for individuals who are kind of stuck and need a push in a certain direction without fully spoiling it.

(we are skipping the answer format challenge btw)

So the second challenge of the Searchlight — IMINT OSINT challenge was to figure out what street this picture was taken on. As you can probably see from the photo, this is relatively simple. If you look at the top part of the image, it literally says “Welcome to Carnaby Street”. That is pretty hard to miss. All you do after that is type it in like so: sl{carnaby street}

The third challenge actually poses a slight difficulty. Finding this answer involves using Google search queries to find very specific information. This is called Google Dorking. For example, instead of searching for a user name by typing username on its own, put it in quotation marks: “username”. This will pull all results that contain “username” exactly. You can even use different operators to specify that you’re looking for certain file types, or that the term must appear in the page text (intext) or in the URL (inurl). It is an extremely powerful tool.

Tube station zoomed in
Wikipedia Page

So the method I used to solve this problem is simple. I knew from the get-go that this was in London due to the fact it says “tube station”. We call it the subway here in America, so it is pretty obvious. Also, the architecture screams London as well. I zoomed in on the image and made out some of the words on the station. I typed what I could see, which was ( “lly , circus station” United Kingdom), into Google. The second result was a Wikipedia entry, “Piccadilly Circus tube station”, and from there you can answer all the questions related to that challenge when you go to the page.

The fourth challenge involved some googling as well as image analysis! So at face value, this picture doesn’t really offer much in terms of explanation of where this place is located. It just looks like a cafeteria area in a mall or office complex. However, on closer inspection, you get a URL on the banner. YVR.ca … what is that?

Well, from the URL, “.ca” is a Canadian website. Inspecting the image more, you see a person with a high-viz vest and another person walking around towing luggage. With these three pieces of information, all you do is type in the URL. This confirmed my suspicions that this was an airport. In particular, Vancouver International Airport! For the last question, I assumed Vancouver International Airport would be located in Vancouver! But with further googling, you find that not to be true. That little moment taught me to always do my due diligence and confirm it’s correct!

Challenge Five was really fun! You have to find out what shop the picture was taken in! So my first thought was to search the text visible in the photo, “The Edinburgh Woollen Mill”, then go to Google Maps! I realized my mistake after I hit search: there are apparently numerous Edinburgh mills in the UK. Luckily, Google Maps shows you the outside of the venues, but still, there are a lot of them to go through. So I did what any rational person would do … screen them all! My brain loves these sorts of activities, so it only took about 6 mins to find it. Once done, I went to Google Street View and boom, there it was. The shop was “The Wee coffee shop”. Following a Google search, you get their Facebook page and all their other information. The only thing you might have to dig for more would be the surnames. By knowing the owner’s first name, you can use simple Google dorking to find the surnames pretty easily. I used ( “David” Wee Coffee shop ) to find the answer.

Challenge Six involved image search, which I had a lot of familiarity with. I had a lot of experience with Google image search, but I never considered using Bing. In fact, I didn’t even know Bing had an image search, and to my surprise, I found out it was pretty freaking good. So for this challenge, take the image and search it in Bing! Once you do, you are able to sift through the images until you find an article that mentions the name and all the other information.

Challenge 6 Questions

Challenge Seven was absolutely the most difficult one (for me). Putting the image into Google search kind of gives you spoiler results, which I ignored, but other results came up as well. There is a blog by a Polish lady that helped me determine that this was a European sculpture and to focus more on Europe. I put the image into Bing and got the name of the sculpture; it was in Oslo, Norway, with other cool little statues in Vigeland Sculpture Park. I realized there was no exact image of the one I had downloaded. Every other photo that was similar was either from a different year or a different season; this is where I began to narrow my search. I figured this was in spring/summer: if you look in the background, the trees are very green and lush. The photo I had was definitely newer and not older. In the background of the photo, you see a building that is completed. In other photos, it looks like it is under construction or renovation. The thing that let me narrow down when this picture was taken was the little metal cable barrier around it. The first picture I saw with this barrier is from 2017 (this was determined after a lot of cropping and sifting through Bing/Google images). This means I can ignore all the previous years’ photos, but there was an issue.

I could not find who took the picture. I was at it for 2 hours, heading from one dead end to another dead end. I had everything narrowed down but still could not get close to an answer. I used everything from EXIF data to a whole bunch of Google search queries and cropping of the photo. I even used Yandex image search, as I thought it would give more results and more leads. Still dead ends everywhere. So I took a peek at someone’s blog on this CTF, and now I had the person’s name: “K***** Stensrud”. Now I could work backward and find what would lead me to that name. Still, none of my other searches would lead me to the name K***** Stensrud. So I read another blog. It said to go to the Visit Oslo website and it would have it. The author was correct. All you had to do once you had the location and name of the park was go to the local tourism website. There you will find the photo with the person who took it. All those hours, and it just took a simple little search. One thing I learned from this challenge is that sometimes the answer is just a simple search. Go to local boards and websites; they can sometimes offer more information than Google dorking and image search analysis.

Now for challenge Eight! For this challenge, a simple image search would not work. This is because a lot of news articles reference this image. 99% of the time they’re just using it as a simple stock photo. The articles that feature the photo never really mention the location of the statue or anything. I zoomed in on a different stock photo of the same statue; I knew it was the same because of the brick building reflected in the glass windows. A partly cropped-out “United States” was visible on the building above the statue, but it was not a good enough reference to pinpoint what state it is located in. It was only when I saw a meta tag on an article that said “united states federal court” that I had enough detail to narrow the scope of the search. When I searched the image again with “United states federal court” in the search box, I only got a bunch of protest images. So I did a search again and put “United States courthouse lady justice statue” in the search box.

Lady Justice Bottom Angle

This was successful; it gave me a photo of the same statue at a different angle. When I clicked the photo (on Google Images) and looked at the other similar results for that image, I found the location was the United States courthouse in Alexandria, Virginia. Once the location was found, a Google Maps view confirmed I was correct. For some reason, Maps was not giving me the building name, so I zoomed out of the satellite view for a bit, refreshed, and switched to map view. I was able to get the name of the building directly across from the statue after that. Simple and easy.

Challenge nine was great as it was in a video format, but just like the other challenges, this was pretty simple once I knew where to look. I did not use the tool suggested for the challenge. All I was doing was looking for any identifying information in the video provided. The biggest landmark in the video is obviously the sign that says “Riverside Point”. The video continued and the camera panned down below where the person was filming, showing a few colorful buildings. I now had enough references to find this place, no problem. I chose not to use a reverse image search for this one. Instead, I just did a simple Google search! “Riverside point tourism” is what I typed in, then I clicked Google Images. There I found a picture that matched the landmark in the video. I now knew this place was in Singapore. So I just typed “Riverside point Singapore” in the search box and went to Google Maps. It was the first result. After doing basic geometry (looking across the river) and searching for the colorful buildings the camera panned to, I found where the video was filmed. However, like last time, I could not find the building name. It was not popping up in satellite view or general map view. So I was in a conundrum about how to find the name of the building.

On the street view, the building is under renovation. If you click through the street view more, you can get inside the building. I was looking for a reference to the building name, as most of the time there will be a name listed or a plaque somewhere on the building. So I zoomed into the top-down map view, pondering what I should do next. I noticed the roof of the building. In Google Maps, you can angle the top-down map into a horizontal 3D view. I got the name on the banner on top of the building as “Novotel”. I typed “Novotel Singapore building” into Google, and after some scrolling I finally got the name of the building: the “NOVOTEL SINGAPORE CLARKE QUAY”. Thus ending my first OSINT challenge/CTF!

This was a learning experience. Even though some of these were simple and easy, they required a lot of thought, intuition, and general determination to find the answers. I will definitely be using more of Bing and Yandex in the future. This also made me realize how much I actually know just from reading over the course of these years. If I were to give this challenge to one of my non-computer friends or younger me, it would have definitely posed a serious challenge. I will definitely be doing more of these in the future, 110%! Thank you for reading!
