Published on

Emergency - OSINT - Cyber Siege 23

Authors

Emergency - OSINT - Cyber Siege 23

Hint: In case of fire, exit the building rather than tweet about it.

This challenge was given in the Medium category of Cyber Siege CTF.

The user is provided with an image:

emergency (1)

Here we are given an email:

test.thegr1ffyn@gmail.com

To get ahead with the question, we use epieos.com

image

We see that we can use this tool to perform OSINT on any email address. We search for our given email.

image

We got this as a result:

image

We are given a hint which tells us about how time management is very important to our user. Did you get it?????

We see that we are given a Google Calender link that we can look into to find something juicy.

https://calendar.google.com/calendar/u/0/embed?src=test.thegr1ffyn@gmail.com

Ahhhh, here it is:

image

So we have a hint:

You are going in the right direction, continue perpendicular to the ground at SUM32768

to find the emergency.

Notice how we are given a string, we search it out on Google.

image

Seems like the given string relates to some kind of flying as given in our hint as well. The first result is a tweet about an aircraft. Lets check:

image

So this seems like the flight number of an aircraft that is being reported by a Twitter Investigator. We scroll down a bit to find another hint.

image

Seems like we are almost there, all we need to do now is to find the time of landing and the total time of the flight on 7 February 2022.

Flightradar24.com is a good tool to find information:

We enter the flight details:

image

We check this to find the exact flying details on the specific date.

image

So here we have our flag:

AOF{10:57PM_3:22}

Easter Egg:

Sometimes smart work is more efficient than hard work. If you went through the calendar, you will notice that one more memo is given on September 24, 2022.

Lets open it up:

image

image

If we click on copy to my calender, it redirects to another page where we can see all the details of the memo. Notice how there is a file given in the attachments:

image

Lets open up the file:

image

The whole question endpoint is given here. Its always better to look for more ways to find a clue.

Hope it was fun to solve although no one was able to solve this :D

Discuss on TwitterView on GitHub