Transcription

This is an easy hacking test. Are you able to use open source intelligence to solve this challenge? I want to learn more about hacking so I don't get hacked as easily. Previous video I did an easy test and it wasn't great. Let's see if I can do better. What information can you possible get with just one image file? Why does it say possible? Download task files. It's just an image of the Windows background. Save image as. Windows XP and a bunch of numbers. I wonder if that has anything to do with the test. Enter the questions below. Doesn't seem like there are that many questions. What is this user's avatar of? I don't even understand the question. What city is this person in? Ooh, just from that one image. What is the SSID of the WAP connected to? What's his personal email address? Maybe they're not going to be so easy. Okay, let's start with the first one. What is this user's avatar of? At least I have some hints. Let's not use them yet. And inspect this image. In the previous test, I learned that images contain a bunch of useful metadata. So let's Google check image metadata. Surely this reveals something. File name. Oh, it has GPS latitude and GPS longitude. So essentially coordinates. What if I right click show more options and properties. Is there anything here? Details. It has GPS here. Okay, here's another website. I'm not sure how coordinates work. This says north 44 and a bunch of numbers. Do we have a similar format? Not really. Maybe AI can help. The coordinates are located in the United Kingdom. However, there seemed to be some discrepancy in the information provided by different sources. To find the exact location, you can use Google Maps. 54 degrees 17 something north and 2 degrees 15 something west. What if I just paste this inside Google Maps? Never mind. Example of formats that work. Decimal degrees. That doesn't look like my format. Degrees minutes and seconds. This must be the format. Degrees minutes seconds. There we go. That doesn't look like my format. Let's convert the second one as well. Beautiful. And now this should definitely work. We have something. This looks like a random road and it is in the UK. Ooh. So are there questions related to the country? What is the person's password? Wait, I'm supposed to find this from just this image? What? Maybe I click on download task files and there's something in this page. It's tryhackme upload amazonaws.com. Surely it's not in the link. Maybe I inspect this image. Doesn't seem like there's anything here. Maybe there's some more information in the metadata? Copyright O. Wood Flint. Wait, is that the person's name? Or is it their username? O. Wood Flint people finder. Ooh, there's a Twitter account. Oliver Wood Flint blog. Surely this is it. I'm in New York right now so I will update this site right away with new photos. Home. Contact. Interesting. What can I find from this website? Maybe I can find who owns this domain. I mean, Oliver Wood Flint would probably be it. From this location, I can't really find what city is this person in because it's in the middle of nowhere it seems like. On some random road. But there is a website and there's a Twitter profile and there's a GitHub account. I like taking photos and open source projects. From my house, I can get free Wi-Fi. BSSID. Ooh, there it is. What is the SSID of something he connects to? Surely this is it. Please. Oh, your answer is incorrect. Never mind. From my house, I can get free Wi-Fi. Okay, let's check out the GitHub account. Hi all, I am from London. I like taking photos and open source projects. London. There you go. What city is this person from? Boom. Yes. Last time I did this, I had to find an airport and I struggled for so long. Just guessed a bunch of stuff. So I'm happy that I got the city from the first try. Not the SSID though. What is this user's avatar of? Not sure if I even understand the question. Is it a cat? Maybe it's a cat. Oh, answer format, three letters. Surely it's a cat. Let's go. This is going so much better than the last time. Let's skip this question. What is his personal email address? Also inside GitHub. I think I remember how to find this. Oh, there's a read me. Project starting soon. Email me if you want to help out. Okay, this is much easier than last time. Submit. Got him. What site did you find his email address on? Is it GitHub? It is. Okay. Maybe I underestimated my open source intelligence abilities. Where has he gone on holiday? So this surely is New York. Boom. Okay. What is this person's password? It just got serious. Surely it's not going to be revealed easily. Or is it? Before trying to figure out the next answer, I want to tell you about Savala, the sponsor of today's video and the perfect tool for developers and teams to host and manage their digital projects like entire applications, databases, objects, and static websites. Unlike many platforms, Savala offers unlimited collaborators, parallel builds, and no restrictive fixed plans, providing complete flexibility for your team's growth. And by leveraging Cloudflare and Google Kubernetes Engine across 25 regions, Savala ensures top tier readability and performance. The best part is that Savala is built with ease of use in mind, prioritizing seamless development workflow with an intuitive UI and easy Git deployments. For instance, you can manage and interact with your databases effortlessly through their database studio. And there's native support for both trunk-based and GitFlow-based setups, as well as mirroring workflows familiar to Heroku developers. And as a Kinsta product, Savala comes with built-in enterprise-grade security and strong support, giving you peace of mind. You can get a $50 credit on your account to deploy your first web project by clicking the link in the description. Get started today. Okay, back to the test. Wait, why did I need these coordinates? I didn't do anything with this road. Was it a red herring? Maybe. What is the SSID of the WAP? So what does WAP mean? Wireless Access Point, a device that allows wireless devices to connect to a network. There is a BSSID here, and I need SSID. Wonderful. I need to find SSID from BSSID. To directly find the SSID from BSSID, you typically need to scan for nearby networks and match the BSSID with its corresponding SSID from the scan results. Okay. Previous video, I went into a website that let me look up for networks. I totally forgot what it was. It could have been this one, Wiggle Wireless Network Mapping. Yes, it is. This is the exact one. Okay, so here I have the BSSID and filter. It's going to ask me to add an account, won't it? Wait, it found something. Well, this is just a map. It's in San Francisco. Something doesn't add up. Oh, look at this. Wi-Fi networks over time. In 2010, there were so little, and now there's a bunch of them. Still updating. Plot error. Why? Let me check if I'm still signed into this website from my laptop. And I'm not. But I have it saved in my iCloud password thing. So let's type in the BSSID here and filter. Please work. It's San Francisco again. So what do I do with this information now? I'm not sure what I'm looking for, but I'm going through his GitHub commits, looking what he added or removed. Hope you have not changed your password. It took me a while finding it. Is this someone from taking this test or an actual comment? I can't tell. Okay, so the password and BSSID is probably going to cause problems. This website doesn't seem to be responding or anything. Daily limit. I think I've reached the daily limit for searching up for this network. Not great news. SSID and BSSID. Let's look at a tutorial. Oh, the SSID is just a name of the Wi-Fi network, and BSSID are a bunch of these letters. And this is a router, I think. Yes, it has SSID Sunny Wi-Fi and BSSID, this number here. Oh, never mind. It seems like the same Wi-Fi name can have multiple BSSIDs. Interesting. This tweet has 104 replies. Completed the CTF today. Oops. This contains spoilers. What is this? It's an error code. Blue screen of death. Okay. So for some reason, this website doesn't seem to be finding anything because I've reached a daily limit and it didn't find anything before. Before. Let me try again on my laptop. Maybe I misspelled something. Yes, it just throws me into San Francisco. What's the format of this answer? A bunch of snowflakes. Oh, and there's no hint for this. I better figure this out. BSSID is a unique identifier for an access point or a Wi-Fi router. I think this means. While SSID is the network name that multiple routers can share. Wireshark or similar capture tools. Capture wireless traffic using Wireshark. What is Wireshark? Go deep. The world's most popular network protocol analyzer. I'm scared to install this. Okay, let's try it. I'm probably going to regret doing this. Oh, what was that blink there? I know you saw it. I need a slow motion replay. Please don't mine any Bitcoin. Completed. Next. Now there's probably going to be some blurring here. Oh, I opened that program and immediately realized that it's way over my head. So just a quick uninstall. I actually uninstalled it. Didn't just move it to the trash. Come on. You didn't think that's how I uninstalled it. Anyway, so I'm really stuck here with the SSID. The website doesn't seem to be doing anything. Or maybe I should use the coordinates. But how? I could take the hint for the password. No way I'm taking the hint. These other questions were so easy and then there's these two, password and SSID. I'm just completely stuck. I'm 90% sure that I can find it on this website, but it just doesn't work. I'm logged in on another computer and it still shows me nothing after I put in the BSSID. Skill ceiling reached. It says here I can do it within Kali Linux. Obviously, I don't have Kali Linux installed. Maybe there's Kali Linux on web. Kali in browser. No VNC. Oh, this is just like a guide. Does this exist on Arch Linux? Yes. The wash package, a tool for managing snap packages, exists and can be installed. Can't believe I ended up on the Arch Linux user repository this video. Oh, SNIT walkthrough. Don't look at the spoilers. The SSID paste not working. HTTPS wiggle.net. Should I take a peek inside? Maybe it actually doesn't work. No answers. Now I'm concerned that it doesn't actually work. Oh, I just remembered. I can do it through Windows with Windows subsystem for Linux. It was a terminal or PowerShell. I think I need the terminal. I just learned how to do this a few weeks ago. VSL dash L. Windows subsystem for Linux distributions and I have Ubuntu and here VSL install Kali Linux. I can install it through Windows. Boom. This is going to take 7 billion years. It's done. Let's create a username. Leg. New password. I just typed it in and nothing's happening. I typed it in without having the terminal window selected. Brilliant. Message from Kali developers. This is a minimal installation of Kali Linux. You likely want to install supplementary tools. And now to get the Wi-Fi SSID of a specific BSSID, you can use the wash utility command. Wash is a utility provided by the reaver package. Install the reaver package. Apt. Get. Install. Reaver. Let's paste it here. Enter. Could not open lock file. Permission denied. Unable to acquire D package frontend block. Are you root? Oh. Pseudo. Apt. Get. Install. Reaver. Unable to locate package reaver. How so? Maybe wash already exists. Can I do man wash? Command not found. What if I just do wash? Could not be found. Pseudo. Apt. Install. Wash. Was that not what I did? I can't locate package wash. That's because I need reaver. Boom. Unable to locate package reaver. Well. Pseudo. Apt. Update. Pseudo. Apt. Install. Reaver. So that doesn't seem to be working. Oh. It says working. Continue. Yes. So I think it installed it. Run wash and scan for nearby access points. So does wash do anything? Oh. It's here. What do I need to do next? Use the following command to run wash and scan for nearby access points. Replace interface with the name of your wireless network interface. Wash will display a list of access points along with their BSSID. So wash-i. I'm not sure what this is going to do. Wash-i. And then if I paste in what he said here, the BSSID. Maybe this works? Error. PCAP active. Status minus 5. No such device exists. Couldn't get PCAP handle exiting. Probably doesn't work. I'm not sure if I'm not afraid to run all of these commands without understanding what they do. I'm scared to do this. Well, here we go. Let's actually uninstall Kali Linux. I am way too not ready for this. VSL. Unregister. Kali. Linux. Boink. The operation completed successfully. Maybe this website works now? No, it doesn't. Great. Maybe this is tomorrow when my daily limit becomes available. Okay. It's the next day. Let's try using the website one more time. Wait. There's something here. In London. Wait. Zoom in. Enhance. There's a name. Un-something Wi-Fi. Nearest network. SSID Marriott Bonvoy. What? Is this it? And there it says Unilever Wi-Fi. Wait. I can see it here. Answer format. Oh, it's definitely not Marriott Bonvoy. So it could be Unilever Wi-Fi. Unilever. Unilever. Unilever. Unilever. Unilever. Unilever. Unilever. Unilever. Unilever. Unilever. Wi-Fi. I think it fits. Unilever Wi-Fi. Submit. That's crazy. So the Kali Linux installation was for no reason. I was just not able to use this website yesterday. And probably I didn't check London before because it put me in San Francisco. So I didn't actually zoom out and look across the map. There was this purple little thing, semicircle, showing me the place. Wow. That one took some time. What's the person's password? Now, how would I even find that out? I'm guessing it's on his GitHub or Twitter somewhere. It could be on his blog as well. We're going to have to do a little bit of digging. But that's crazy that I found this out. If I didn't know about that website from the previous video, I would have been in trouble. How would you ever find the password? Also, if you got this far into the video, then subscribe. It will make number go up. People Finder. Hi all. I'm from London and love to take photos. I like taking photos and open source projects. Follow me on Twitter. There's an L. This project is a new social network for taking photos in your home. Home town. Project starting soon. Email me if you want to help out. Wait. I didn't view arrows before. Message me on Twitter for my email. Probably not a good idea to give it out publicly. Howwoodflint at gmail dot com. So what if I Google for his email instead of quotes so it only finds it? Don't look at the medium spoiler articles. Surely there's no way I'm finding the password without a hint. Unless he actually put his password somewhere. Yeah, there's absolutely no way I'm finding it. This Twitter only has these two posts, Hello World and the BSSID. Wait, let's look at replies or media. Don't miss what's happening. Log in. Oh, what is happening with this Twitter test? I have to put things into orbit. Two is this bag. Boom, boom, boom. Yes, I'm doing this the second time because apparently I'm a robot. Seven is this thing. Four is this thing. Submit. I am a human. Thank you. Or am I? Okay, so we can see replies. Not really any replies here. Media? No media. Just logged in for no reason. This is a blog, but there's nothing really here. All the pages are the home page, essentially. And there's one post. Hey, I'm in New York right now, so I will update the site right away with the new photos. And the man just dipped after March 2019. Surely it has to do with his GitHub, right? With the readme file. View commit details. Henry3908. Who's Henry? Oh, there's more stuff here. I'm not sure that Henry and this person are related because it says here Henry wants to merge one commit. Could this be his alternate GitHub account? He worked from O.Woodflint, People Finder. So Henry copied People Finder from the original owner, O.Woodflint. I'm not sure if I'm where I'm supposed to be. Maybe this is just some random person that I'm looking at. Wait, what's the format of his password? A large word, dot, and then something else. I'm not sure if I've seen anything in this format. That's actually crazy that I've been able to find out so much about this fake person from just one image file. Because the image included the latitude and longitude and also in the copyright it said his username. That's insane. Maybe I still need to do something with these coordinates because I didn't really do much. It showed me a random road in the UK. So this could have something to do with it still. Maybe the coordinates is just a red herring because it points to nowhere, it seems like. The only thing I really have is his GitHub account, but that's not giving me much. Maybe I need to search for his email on some leaked databases. That's how I find the password. Have I been pwned? What if I put his email there? Oh no, pwned. Pwned in one data breach and found no pastes. Surely this is not it. How am I going to find that data breach, if it's even public? Maybe I search for his full name, Oliver Woodflint. Doesn't seem to have a LinkedIn account or anything. Maybe I put his blog inside Internet Archive? Okay, it's been changed in 2025, what about 2021? There's one snapshot available, maybe. It looks exactly the same. Okay, next snapshot. Still the same. Next. Still the same. Interesting. I don't even know where should I look. It's so frustrating. So who's Henry? Doesn't seem to be related to our guy, other than that he copied his project. Yep, I'm just completely stuck. Absolutely no clue. And this is an easy test. How's this easy? Okay, everything was decently easy up until here. Maybe the SSID was also medium difficulty, but the password, where would I even look for it? Unless he just typed it in here somewhere accidentally. So this is all he did. He joined GitHub, then he created his first repository and created four commits. That's it. How do I get inside of one of these commits? Otherwise, where? I don't know what else to do here. Ladies and mental gen, I think I'm going to have to take the hint. I really didn't want to do this for this hacking test, but I think I have to. I don't even know where to start. I'm actually so curious how to find the password. Boom. Check the source code. There's no way I would have figured this out. He doesn't have anything on his GitHub with any sort of code. Maybe it's his website? How to check source code of WordPress website. Simply right click on any webpage and click view page source. Oh, so just inspect. I would have never thought of doing that. View page source. Oh, there's a lot of source code. So why would someone put their password inside the source code of their website? How does that even happen by accident? Let's look for a password. Doesn't exist. Of course not. Okay, let's just look through this. How would the password even look like? Oh, so it's something dot something. Okay, let's look for dots. There's probably going to be many. More than 1000 matches. Maybe let's not look for dots. Something that has a dot and one symbol afterwards. So these are HTML style attributes. Surely the password won't be inside of them. Jetpack settings. That's a WordPress plugin. This is something to do with the plugin and it ends here. Probably no passwords there. Oh, no, I saw a dot here and got excited. I don't think it's in this block of code. Surely not. Is this even the right source code that I'm looking at? Oh, wood flint. We got to the main content area. Wait, there's a dot and an exclamation mark. No way. I just found it. Submit. Oh, boom. Let's go. Wow. That's crazy. I'm so glad I just randomly found it. Oh, I just randomly stumbled upon this. I wasn't even going to look here. There's no way I would have ever found this on my own. I'm so glad I took the hint. That was an easy challenge. These challenges are honestly super fun to do. I'm excited to learn more about this. There's that much information about someone from just this image. Okay. And there's one more thing I forgot to mention. Elements of some-