Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/c3n7ral051nt4g3ncy/tiberian_order_writeup

Writeup for the Tiberian Order - Contract: Road to Nowhere (OSINT Challenge)
https://github.com/c3n7ral051nt4g3ncy/tiberian_order_writeup

challenge ctf ctf-challenges ctf-solutions osint solutions writeup writeup-ctf writeups

Last synced: 15 days ago
JSON representation

Writeup for the Tiberian Order - Contract: Road to Nowhere (OSINT Challenge)

Host: GitHub
URL: https://github.com/c3n7ral051nt4g3ncy/tiberian_order_writeup
Owner: C3n7ral051nt4g3ncy
Created: 2022-09-03T13:51:42.000Z (about 2 years ago)
Default Branch: master
Last Pushed: 2022-09-12T17:48:07.000Z (about 2 years ago)
Last Synced: 2024-10-14T03:49:31.691Z (30 days ago)
Topics: challenge, ctf, ctf-challenges, ctf-solutions, osint, solutions, writeup, writeup-ctf, writeups
Homepage:
Size: 27.3 KB
Stars: 0
Watchers: 2
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# Tiberian Order CTF writeup
Contract: **Road To Nowhere** | OSINT CTF Challenge

*This isn't a writeup about skill, as I used absolutely no skill for this Challenge, the writeup emphasizes that if you use the right tools, and are used to competing in challenges and CTF events, you can find information quite fast.*

# About The Tiberian Order

The [Tiberian Order](https://tiberianorder.com/about/) is an ancient organization that has stood the test of time. Originating from medieval Europe, her origins are unknown to anyone except her members and clientele. In the earlier days, the Tiberian Order would influence heads of state, or take on clandestine espionage work for wealthy people.

# Mission Details

`Special Agent K`, we’ll be needing your assistance on a geolocation matter. One of our clients, a medium sized European goverment agency, has requested we find a needle in a haystack.

Our client is involved in fighting terrorist groups in `Asia` and `Africa`. Recently, they gained access to a Dropbox account filled with map data. Most of these seem to be related to safe houses used by a terrorist organization called `“The Meercats”`. Indeed a strange name, but nontheless, they mean business.

After having located most safehouses, our client is still struggling to locate a few of them. Since the operation to take down all of these locations needs to be synchronized. There’s an urgent need to `identify them all` before the next phase can begin.

Below you find `an image` of what appears to be a `village`, with a `red marker to indicate the exact location`. It’s your assignment to `find where in the world this is`. Currently we have reason to believe this is in `Africa` or `Asia`. But, given the organizations’ widespread members, this is only a guess at this time.

Use the `coordinates` you find `as the password to open the ZIP archive`. Inside, you find the `linkfile to your Contract Card` as always. Also, we heard the number `1920` is of importance in this case…

As always. Special Agent K, the contract is yours, if you choose to accept.

`I highlighted the important information to me for this investigation.`

# Image that was provided:

The location would be possible to find by hovering for hours in Google Earth, I have found locations like this on past Hacktoria CTFs, but there is often hidden infirmation inside images!

# How I solved this in less than 10 minutes

My *Go To Tool* for image analysis is [Aperi'Solve](https://www.aperisolve.com), it's a gem of a tool, and always the first one I go to. I also solved a challenge on the 404 CTF organised by the DGSE with Aperi'Solve.

First I submitted the image, and got no results, the great thing about Aperi'Solve is that it stores who came and when, and what passwords were tried.
I saw that the pw:``1920 was tried, Aperi'Solve won't tell you if the password works, but from seeing 1920, it came back to me that the initial mission briefing said that `1920 is highly important`, which can be classed as a hint.

We can see 9 people uploaded, and common password was 1920.

# Resubmitting
I decided to resubmit, by enabling password.

Bingo! We can see a `location.txt` file hidden inside the image with StegHide (Steganography)

# Extracted .txt File

The extracted file gives the following coordinates: 20.899370,95.118041,16
*Notice the format which wouldn't be recognised by Google Maps, this also means someone trying to solve the challenge who used Google Maps to get the location would have a hard time finding the same matching coodinates.*

Gmaps format has a space after the comma, so I tweaked the coordinates in order to compare the photo to check if everything matches.
These are the coord. I used in Gmaps: `20.899370, 95.118041`

Comparing image provided in the mission briefing with Google Maps:

Location: `Hnit Kyat Khwe, Myanmar, ASIA`

# Final Step
I used the coordinates found to open the encrypted zip file, there was a link: https://bit.ly/-------, the link takes us to the contract card.