top of page
Search

Vacay All Day

  • Writer: Cyber Catamounts
    Cyber Catamounts
  • Oct 30, 2020
  • 3 min read
Briefing:
Did you know that social media can be used to help us track the location of a hacker? Looking up information about our hacker could prove useful when trying to find the location and plans of the hacking. Use “instaGraff” to find the location of the hacker and help us find where the hacker is operating from.
Hint: We’ve found a recent photo containing some clues on the hacker’s location, see if you can use the photo to find out where the hacker is on vacation. The flag is the name of the city!

The social media website name totally doesn't look suspiciously like something we know. It's ok. It's different. Anyways, we see this interesting image on the website, and we need to find the location of where it was taken, AKA the hacker's vacation spot.





If you were able to guess using your eyes, BRAVO! Kudos to you. However, there was an easier way that was also the intent of this challenge: finding the image metadata.

If you paid attention during our last meeting, you would've known that metadata is "data about the data," which in this case, stores the GPS coordinates of the image.


There are a few ways to approach this problem:


  1. You could have used "exiftool" on a VM to simply print out the longitude and latitude coordinates; then by putting them into Google Maps, retrieved the location.

  2. You could have uploaded the image to an online exiftool/metadata viewer

Linux: 



[agent@cyberstart Desktop]$ exiftool vacay.jpg 
ExifTool Version Number         : 11.11
File Name                       : vacay.jpg
Directory                       : .
File Size                       : 761 kB
File Modification Date/Time     : 2020:10:25 02:45:04+00:00
File Access Date/Time           : 2020:10:25 02:45:04+00:00
File Inode Change Date/Time     : 2020:10:25 02:45:07+00:00
File Permissions                : rw-r--r--
File Type                       : JPEG
File Type Extension             : jpg
MIME Type                       : image/jpeg
JFIF Version                    : 1.01
Exif Byte Order                 : Big-endian (Motorola, MM)
Camera Model Name               : MI 8 SE
Orientation                     : Horizontal (normal)
Modify Date                     : 2018:12:25 13:13:27
Y Cb Cr Positioning             : Centered
ISO                             : 100
Exposure Program                : Program AE
F Number                        : 1.9
Exposure Time                   : 1/1985
Sensing Method                  : Not defined
Sub Sec Time Digitized          : 839447
Sub Sec Time Original           : 839447
Sub Sec Time                    : 839447
Focal Length                    : 3.9 mm
Flash                           : Off, Did not fire
Light Source                    : Unknown
Metering Mode                   : Center-weighted average
Scene Capture Type              : Standard
Interoperability Index          : R98 - DCF basic file (sRGB)
Interoperability Version        : 0100
Focal Length In 35mm Format     : 20 mm
Max Aperture Value              : 1.9
Create Date                     : 2018:12:25 13:13:27
Exposure Compensation           : 0
Exif Image Height               : 3024
White Balance                   : Auto
Date/Time Original              : 2018:12:25 13:13:27
Brightness Value                : 6.08
Exif Image Width                : 4032
Exposure Mode                   : Auto
Aperture Value                  : 1.9
Components Configuration        : Y, Cb, Cr, -
Color Space                     : sRGB
Scene Type                      : Directly photographed
Shutter Speed Value             : 1/1985
Exif Version                    : 0220
Flashpix Version                : 0100
Resolution Unit                 : inches
GPS Latitude Ref                : North
GPS Longitude Ref               : West
GPS Altitude Ref                : Below Sea Level
GPS Time Stamp                  : 18:13:28
GPS Processing Method           : GPS
GPS Date Stamp                  : 2018:12:25
X Resolution                    : 72
Y Resolution                    : 72
Make                            : Xiaomi
Thumbnail Offset                : 1181
Thumbnail Length                : 17405
Compression                     : JPEG (old-style)
Image Width                     : 4032
Image Height                    : 3024
Encoding Process                : Baseline DCT, Huffman coding
Bits Per Sample                 : 8
Color Components                : 3
Y Cb Cr Sub Sampling            : YCbCr4:2:0 (2 2)
Aperture                        : 1.9
GPS Altitude                    : 33 m Below Sea Level
GPS Date/Time                   : 2018:12:25 18:13:28Z
GPS Latitude                    : 33 deg 42' 57.73" N
GPS Longitude                   : 78 deg 52' 54.36" W
GPS Position                    : 33 deg 42' 57.73" N, 78 deg 52' 54.36" W
Image Size                      : 4032x3024
Megapixels                      : 12.2
Scale Factor To 35 mm Equivalent: 5.1
Shutter Speed                   : 1/1985
Create Date                     : 2018:12:25 13:13:27.839447
Date/Time Original              : 2018:12:25 13:13:27.839447
Modify Date                     : 2018:12:25 13:13:27.839447
Thumbnail Image                 : (Binary data 17405 bytes, use -b option to extract)
Circle Of Confusion             : 0.006 mm
Field Of View                   : 84.0 deg
Focal Length                    : 3.9 mm (35 mm equivalent: 20.0 mm)
Hyperfocal Distance             : 1.38 m
Light Value                     : 12.8

Take a look at those coordinates... They're the EXACT location. If you put them into maps and get directions, you can get to the EXACT SPOT.



Link to online GPS Image Viewer: https://www.pic2map.com/



Flag: Myrtle Beach


We hope you now recognize why you shouldn't post pictures online when you're near the location!



Commentaires

©2020 by CyberCatamounts. Proudly created with Wix.com

bottom of page