Intel 101 Cyber Defenders writeup

a1l4m
May 4, 2023

Threat Intel Category

Intel101 background

Challenge Details:

Open-source intelligence (OSINT) exercise to practice mining and analyzing public data to produce meaningful intel when investigating external threats.

Who is the registrar for jameskainth.com?

With just a quick search using whois, you will find the answer.

whois info

You get a phone call from this number: 855-707-7328. They were previously known by another name. (No spaces between words.)

I use this site to search for information about phone numbers. Phone number

info about the number

It shows that the holder's name is SPECTRUM. But in the question, we need the old name, so I searched for the old names of Spectrum.

spectrum old name

What percentage of full-time degree-seeking freshmen from the fall of 2018 re-enrolled at Champlain in the fall of 2019?

Okay, here I checked a lot of websites that gather information about colleges that exist in the world, then went to the Web Archive in 2018 to see the number. I don't know why, but either the website hasn’t been crawled in 2019, the information is N/A, or there is a percentage and it’s wrong. For example:

I have found this site, http://college-insight.org/spotlight/champlain-college/5012230852/2018, which collects information about colleges and gave me this

number of graduates

With a simple calculation, you will find the percentage is 83.8%, which is wrong. So, I have used my hint 😢. It says to go to https://ucan-network.org

ucan network pic

LUCKY ME, no longer working.

But I had an idea. I checked the URLs of the site on the wayback URL.

command using wayback URLs

I found approximately 140,000 URLs.

number of URLs

So, I filtered the output using some keywords, like "Champlain".

Just three good

URLs after filtering

I have used Web Archive to see what is going on. I have found a snapshot in 2020; I opened it, and yes.

final result

Champlain College has a public Excel sheet listing addresses of campus locations available on the Internet, what’s the SHA256 hash of the excel file?

Quick search to see the extension of Excel.

excel extension.

It's time for Google dorks.

site:champlain.edu ext:xlsx | ext:xls

Multiple Excel files showed up.

search results

I found physical_addresses.xls and downloaded it, then used the command Get-FileHash -Algorithm SHA256 physical_addresses.xls to get the hash: c96ee03c4043c366c6f573bb1d194dec8f4c0c81150c60d310bc59d9e17a6906.

In 1998, specifically on February 12th, Champlain was planning on adding an exciting new building to its campus. Back then, it was called “The Information Commons." Can you find a picture of what the inside would look like? Upload the sha256 hash here.

I tried to search Google to see if I could get a photo that is published on the site at this time with this Google dork.

site:champlain.edu intext:"The Information Commons"

site:champlain.edu intext:"information commons" before:1999

site:champlain.edu before:1999

I have found multiple images, but none of them are what we are looking for, so I tried to read the question again, and I was wondering why he is giving an exact date of 12-02-1998. So, I checked this date on the Web Archive with the main site of Champlain, and I found this snapshot.

snapshot

Then I noticed the project name on one of the tabs.

screen of the old site

Then you will find the image that he is describing right there waiting for you to download it and get the hash with PowerShell (Get-FileHash -Algorithm SHA256 inside1.jpg) or any tool.

Image of Information commons

One of Champlain College’s Cyber Security Faculty got a bachelor’s degree in arts from this Ohioan university. Who was the other faculty member who studied there? (FirstName, LastName—two words)

I was thinking about getting all the graduates of arts from Ohio, then all the graduates of security from Champlain, and then making a simple script to find the mutual names, but he didn’t specify which year we are looking at, so it will be a long process.

Using this dork, site:champlain.edu cyber security faculty, it shows me a list of them, and after I have gone through each one with my search enabled for the keyword "arts", I found three people. But none of them is what we are looking for.

people that showed up

Then I searched further to see all of the faculty in this link: All Faculty | Academics | Champlain College, but there was a long list, and it is given that the first letter is t, so I searched by first letter: t

I ended up with this list.

Thomas Burl
Tamie-Jo Dickinson
Thomas Donovan
Trellany Evans
Tarn Foerg
Tom Funk
Taylor Harris
Thomas Jordan
Tony Langan
Tanesha Morgan
Tom Nash
Tony Perriello
Tom Schicker
Todd Schroeder
Todd Strunce
Tiffany Taves
Tracy Tuteb
Timothy Wedge
Teppi Zuppo

Then go to everyone to see if they studied Ohio arts.

After a little bit, I have found that it is Todd Schroeder.

In 2019, UVM’s Ichthyology Class had to name their fish for class. Can you find out what the last person on the public roster named their fish?

I have tried a lot of Google dorks to see the fish's name; I even searched on LinkedIn to see if someone posted about it, but no luck.

Got some names for people that work there, and I have searched their Twitter and LinkedIn accounts to see if they posted about anything related. SADLY, still no luck.

After seeing all the hints, and no results, I decided to see the solution to see what was going on. I have figured out that there is this endpoint (Access forbidden! (uvm.edu)) that contains an excel file with all the names of the students and fish. But why didn't it show up while I was trying my Google dorks? “I have tried so many dorks, tbh.”

Access Forbidden

Because someone limited access to the file. NICE.

I opened Web Archive to see if there were any snapshots.

snapshot

I found one in 2019, and I opened it.

web archive

then downloaded the Excel file from the left panel, which contains the answer to the question.

name of last person
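The archive lookup used above for both the ucan-network.org result and the restricted UVM spreadsheet, sketched in Python as an added example (not part of the original writeup): it filters Wayback Machine CDX index rows by keyword, file extension and year, and shows that a capture taken before access was restricted is still listed. The rows in SAMPLE are constructed, and example.edu / example.org are placeholder hosts.

```python
import json
from urllib.parse import urlencode

CDX_ENDPOINT = "https://web.archive.org/cdx/search/cdx"
FIELDS = "timestamp,original,mimetype,statuscode"

def cdx_query_url(domain, year=None):
    """Build the CDX index query that lists captures for a whole domain."""
    params = {"url": domain, "matchType": "domain", "output": "json", "fl": FIELDS}
    if year:
        params["from"] = params["to"] = str(year)
    return CDX_ENDPOINT + "?" + urlencode(params)

def parse_cdx(json_text):
    """output=json returns a list of rows; the first row holds the field names."""
    rows = json.loads(json_text)
    return [dict(zip(rows[0], r)) for r in rows[1:]] if rows else []

def find_captures(records, keyword=None, extensions=(), year=None):
    """Keep successful (HTTP 200) captures matching keyword, extension and year."""
    hits = []
    for rec in records:
        url = rec["original"].lower()
        path = url.split("?", 1)[0]
        if rec["statuscode"] != "200":
            continue  # e.g. the 403 recorded after access was restricted
        if keyword and keyword.lower() not in url:
            continue
        if extensions and not path.endswith(tuple(extensions)):
            continue
        if year and not rec["timestamp"].startswith(str(year)):
            continue
        hits.append(rec)
    return sorted(hits, key=lambda r: r["timestamp"])

def replay_url(rec):
    """Address of the archived copy for one capture."""
    return f"https://web.archive.org/web/{rec['timestamp']}/{rec['original']}"

# Constructed sample rows (placeholder hosts), in the CDX JSON layout.
SAMPLE = json.dumps([
    FIELDS.split(","),
    ["20180311101500", "http://www.example.edu/about/", "text/html", "200"],
    ["20190925142233", "http://www.example.edu/class/roster.xlsx", "application/vnd.ms-excel", "200"],
    ["20210102030405", "http://www.example.edu/class/roster.xlsx", "text/html", "403"],
    ["20200615000000", "https://example.org/members/Champlain_College", "text/html", "200"],
])

if __name__ == "__main__":
    for rec in find_captures(parse_cdx(SAMPLE), extensions=(".xls", ".xlsx"), year=2019):
        print(replay_url(rec))
```

Run against your own domain, the same filter is a quick audit of which documents remain publicly archived after they were locked down on the live site.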

Can You Figure Out Which State This Picture Has Been Taken From? See the attached photo.

I have tried Google Lens, but I don't know why I wasn't able to find good results.

So, I tried with Bing, and it was pretty accurate.

searching with Bing

It gets me that this picture is from a park called Dinosaur Land. I did a quick search about that, and it is located in White Post, Virginia.

That’s all. Cya ❤️
