[OSINT?? 200 pts]
This 200-point “OSINT” problem is kind of strange. I would classify this as more of a Forensics problem, since I generally think that the way you solve this one is forensics based… right?
Part of the description reads: ‘Agent. We found a target posting strange images of boarding passes to his Instagram. None of the guys at base can figure it out, but we think he’s been using the images to exfiltrate data.’
An interesting title for an OSINT problem, but whatever.
Everything looks normal, except instead of a map locator like the 5 others, this one had the standard text Flag format.
So right away we know we are looking for an actual flag.
Let's take a look at the attached image.
Immediately I began searching for the details on the flier, but found nothing. RAirway does not seem to be any reference to anything, and the flight numbers and details don’t reveal anything. I spent about 15 minutes searching for a way to solve this using typical OSINT techniques.
I kept on looking at the Enigma code book under the flier, and the numbers and the barcode and the letters, and my mind kept thinking of forensics and cryptography techniques I might be able to use to extract data from the image – but I kept reminding myself, “No no no, this is an OSINT problem – I’m not gonna be able to extract any data that’s hidden under layers of the image.” So I just left it at that.
After thinking for a while, I thought, ‘Hmm, I might as well check out that barcode anyway’, and so I did. I opened it in GIMP and turned it into a computer-readable barcode.
Now I went to an online reader, selected the type of barcode this is (it appears to match the PDF417 type), uploaded the image, and let it process it.
However, it detected no barcode. Strange, I thought – until I realized that the colors of the barcode may be different.
Comparing this stock PDF417 barcode to ours, it looks like the color scheme is inverted.
White-on-Black background ^ instead of Black-on-White background.
This was easily fixable with GIMP’s color-invert function:
After uploading that to the online barcode-reading site, we get the flag.
…Yep, I solved the OSINT problem using standard Forensic tactics…
(I'm not sure how Open Source Intelligence was supposed to be used to solve this problem, because I sure didn’t use any.)
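The polarity problem described above can be checked in code instead of by eye. The following is an added example, not part of the original write-up: it looks for the PDF417 start pattern (bar/space widths 8-1-1-1-1-1-1-3 modules) in a scanline and inverts the image when that pattern is drawn light-on-dark. It assumes the image is already loaded as rows of 8-bit grayscale values; the function names and the sample row are constructed for illustration.

```python
from itertools import groupby

# PDF417 start pattern as bar/space widths in modules (17 modules in total).
START = (8, 1, 1, 1, 1, 1, 1, 3)


def runs(row, threshold=128):
    """Run-length encode one grayscale row as [(is_dark, length), ...]."""
    return [(dark, len(list(g))) for dark, g in groupby(px < threshold for px in row)]


def start_polarity(row, tolerance=0.5):
    """Return 'normal' if the start pattern is drawn dark-on-light,
    'inverted' if it is light-on-dark, None if the row has no start pattern."""
    rl = runs(row)
    for i in range(len(rl) - len(START) + 1):
        window = rl[i:i + len(START)]
        module = sum(n for _, n in window) / sum(START)  # pixels per module
        if all(abs(n / module - w) <= tolerance for (_, n), w in zip(window, START)):
            return "normal" if window[0][0] else "inverted"
    return None


def normalise(pixels):
    """Invert the image if the first row that shows a start pattern is inverted."""
    for row in pixels:
        polarity = start_polarity(row)
        if polarity == "inverted":
            return [[255 - px for px in r] for r in pixels]
        if polarity == "normal":
            break
    return pixels


def sample_row(inverted, module=3, quiet=6):
    """Constructed test row: quiet zone, start pattern, filler runs, quiet zone.
    The filler is not a valid codeword; it only gives the pattern a neighbour."""
    bar, space = (255, 0) if inverted else (0, 255)
    row = [space] * (quiet * module)
    for i, width in enumerate(START + (2, 1, 3, 2)):
        row += [bar if i % 2 == 0 else space] * (width * module)
    return row + [space] * (quiet * module)


if __name__ == "__main__":
    image = [sample_row(inverted=True)] * 4  # constructed white-on-black strip
    print(start_polarity(image[0]))
    print(normalise(image) == [sample_row(inverted=False)] * 4)
```

The normalised rows can then be passed to whichever PDF417 decoder is in use; decoding itself is outside this sketch.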