Aperi’CTF 2019 - Pwn The Scam 3 - Blog
Challenge details
Event | Challenge | Category | Points | Solves |
---|---|---|---|---|
Aperi’CTF 2019 | Pwn The Scam 3 - Blog | OSINT | 100 | 7 |
Un site de scam Bitcoin a été découvert sur TOR. Vous avez été missionné pour en prendre le contrôle.
Pwn The Scam est un challenge d’OSINT, il n’y a pas de vulnerabilité web à exploiter! Format de flag : APRK{flag}.
Maintenant que vous avez en possession l’IP, continuez sur cette piste.
TL;DR
Reverse lookup with 137.74.112.46
on Virus Total leads to nothing-here.com
. Flag is on contact page.
Methodology
Reverse lookup
In order to get more information, we need a list of every domain names and vhosts. For this, we can use the IP on different search engine such as https://ping.eu/rev-lookup/, Google, Yandex and more specific search engine like Virus Total or Community riskiq.
Finally, we got results with
https://community.riskiq.com/search/137.74.112.46 : nothing-here.com
and https://www.virustotal.com/#/ip-address/137.74.112.46 : nothing-here.com
.
Crawling
Now that we have the new hostname, we can browse the website.
Once again the website is about bitcoins ! On the last page (contact) we got the flag in “informations” field.
Flag
APRK{fR0M_IP_2_dN5}