KaffeeSec - SoMeSINT THM Writeup


Hello everyone in this blog we are going to look into the interesting Social Media Intelligence Room on Try Hack Me (KaffeeSec-SoMeSINT). This room will let you check your web archiving and social media investigation skills.

Task 1 Overview 

Before starting there are some Prerequisites.

  1. Critical Thinking.
  2. A love of going deep into rabbit-holes. (I surely love it but sometimes annoying)
  3. Basic understanding of Google. 
  4. Python 3.7+
The flag format for this room is ks{Flag}.

Task 2 Story 

There is a brief introduction about the agent and his work and task assigned to him in this room. read carefully the Information given and you can easily answer the question.


1) Who hired you?

Ans: "Only one letter" name discussed in the story.

2) Who are you investigating? 

Ans: Someone whose name starts with "T".

Task 3 Let's get started!! 


Given in the story by talking to people the agent has founded the username of target, searching on social media I found two valid accounts on Reddit and Twitter by that username

Twitter


Reddit


1) What is Thomas's favorite holiday?

Ans: A festival given in his Twitter bio.

2)What is Thomas's birth date?

Ans: His Reddit post says that he is 30 years old, see the post date and try to guess.

3) What is Thomas's fiancee's Twitter handle?

Ans: Looking through Thomas's Twitter bio, I got the name of his fiancee, seeing through Thomas's followers I got her Twitter account.



Task 3 Spider... what?

Following the instructions given, install spider foot and run it.



Open spider foot and start the scan on your target "t*********n".



Once the scan is completed, answer the following.

1)What was the source module used to find these accounts?

Ans: In the scan result under the account on external sites I found the source module used.




2)Check the shadowban API. What is the value of "search"?

Ans: In the scan result under the account on external sites I found the shadowban API link, clicking on the link I got the value of the search.




Task 5 Connections, connections.

1)Where did Thomas and his fiancee vacation to?

Ans: Rolling through his fiancee profile I found their vacation image. A reverse image search of that image gives me the place staring with K******.




2) When is Francesca's Mother's birthday?

Ans: Through Francesca's tweet, I found her mother's birthday (it's a festival).


3)What is the name of their cat?

Ans: From a tweet about her cat G*****.


4)What show does Francesca like to watch?

Ans: A show that streams on discovery+.




Task 6 Turn back the clock!!

These tasks are mainly based on the web archive used http://old.reddit.com/ for all these purposes.

1)What is the name of Thomas's coworker?

Ans: Visited Thomas Reddit birthday post and achieving it to the first version I got a coworker name.




2)Where does his coworker live?

Ans: I just guessed it as the same place where Thomas lives.

3)What is the paste ID for the link we found? (flag format)

Ans: Archiving the coworker Reddit profile, in the recent archive, I found Electric Boogaloo post clicking on that gives us the ghost bin link, the last five characters of the link is the flag.



4) Password for the next link? 

Ans: From the previous Ghostbin link,  I got the link and password for the next message.


5)What is the name of Thomas's mistress?

Ans: Accessing the second link followed by password in the URL, I got a message between Thomas and his Mistress.



6)What is Thomas' Email address?


Ans: Found it in the above messages s*************@mail.com.


Congratulations !, you have completed this room.


Hope You learned some social media Intelligence from here, If you are still stuck anywhere do share your doubts in the comment section.


Author:

Ashish Chaubey (hackpandit)

LinkedIn

Comments

Post a Comment

Popular posts from this blog

Configuring your browser with Burpsuite

Image
Hello Everyone in this blog we are going to learn how to configure your browser with burp suite. You can configure any browser with burp suite but my preferred browser is Firefox. So Once you have installed your Burpsuite, follow the steps given below. 1. Go to Proxy Tab -->Options-->Proxy Listeners. Check whether the proxy listener is running or not. then tick the running check box. 2. You can go with the same setting with port 8080 since this port is quite common. I personally prefer to go with a different port (8081), You can change the port by click on the edit button, change the port number and click ok. 3. Now open your Firefox browser, Open Menu-->Options-->Search Tab= "Proxy." 4. Click on Settings -->Configure Proxy Access to the Internet -->Manual Proxy Configuration. Add your respective setting of the Proxy listener here and tick the check box (Also use this proxy for FTP and HTTPS). Then click ok. 5. Now go to your URL bar and write http://burp if...
Read more

Getting Started In Hacking

Image
What it is? Many of you listened about hacking either in the newspaper through a kind of fraud attention article in your newspaper or see your heroes hacking the FBI network in movies  .but  what is hacking actually is  "a supernatural power given to your heroes by almighty gods ". No, not at all, hacking "hacking is the act of exploiting a vulnerability". Now, what's a vulnerability. it is a weakness that exists in your environment, in your machine, at your door locks, and even in your mind. The Person who plays with these vulnerabilities and makes computers and persons behave abnormally is called a Hacker. In this blog, we will be talking about types of hackers, ethical hacking, why we need it, and basic hacking methodologies. Types of Hackers There are many categories of hackers but hackers can broadly classified into three types based on their Intent. 1) White Hat  These are the good guys who hack for good  by responsibly reporting the vulnerability  or...
Read more