Search
  • Chris Silvers

Photo Finish! Tales from the CypherCon 2022 OSINT CTF



A conference by Hackers, for Hackers

Last week Kris and I headed out to the great Cheese State for its largest annual Hacker conference to host yet another one of our famous OSINT CTFs (read more about those here!). We got to catch up with some old friends, learn some things, make a few new connections, and even pet a friendly dog!

The contest was a huge hit with a whopping 31 teams of all different skills and ages. Read what our winners have to say about the tense race to first place below.

A Word from our Champions

Silver Champs - TwoDubs

TwoDubs are just two dudes studying to get their Masters. After hearing about the famous CG Silvers OSINT CTF on a podcast we guest starred on in the Before Times™, and some light cyber stalking before this year’s conference, they decided to throw their hat in the ring and see what happened. Ultimately, what happened was they came in second place out of 31 teams.

1. Why did you decide to join the OSINT CTF?

J - I had heard you guys talking on the CypherCon podcast actually, about the contest when you first were gonna come in 2020 when the conference was canceled. Then I did some research on it. I was kinda hoping you guys would be here, and then we got closer and I saw you guys WERE gonna be here.

C - So in other words we were stalked before we came…

J - Yes exactly!

C - I love it, I love it.

2. What was the hardest flag to find? If you found it, how did you do it?

M - One we found to be difficult was the father’s middle name. So what I had to do was cross reference a couple of white pages – databases essentially. I would look for the initial, and I plug that in while I was looking for keywords and then try to find obituaries – which are often the biggest help actually – because they list the person’s full name. Oh wait no –– NO! NOT FOR THE PERSON, but to find a relative — whatever.”

C - No, yeah and most people are named after previous relatives. Especially if they passed away. Um, okay cool, that’s a technique, I guess. A little gruesome, but okay.

TwoDubs held their own, staying in the top three for most – if not the entirety – of the contest. In fact, they were favored for 1st place fifteen minutes before the contest ended, but with their mighty numbers Sigpwny pulled ahead by 100 points.

3. Did you learn a skill or tool that you’ll take with you after the contest?

J - I was really surprised how NOT useful Facebook was for both of them. It was impossible to find anything on Facebook. LinkedIn was a huge help, especially with a lot of the dates of employment because all of that's public. People using it to find employment and market themselves out in the world.

M - Yeah one thing I found interesting is public record databases are probably a little more insidious than I thought. Because like if you get someone’s full legal name, their birthday, their address, their phone number, and you cross reference and verify those? You can do a lot with that, and that’s all publicly available data. Maybe not together, per say, but you can definitely piece it together.

Gold Champs - Sigpwny

“There is always strength in numbers.” – Mark Shields

Sgpwny has definitely brought truth to those words. A cyber security club from The University of Illinois made sure to bring the entire gang out to our contest, and with sixteen sharp minds, 32 hacking hands, and 320 searching fingers they won it all.

1. Why did you decide to join the OSINT CTF?

T - So I’m pretty passionate about OSINT and when I saw there was an OSINT CTF at CypherCon I was like IM gonna do that ALONE. And then we were sitting last night and I was like hey who wants to do OSINT CTF and a few people raised their hand and then we get here and we start going on it and we realize oh we could have a chance at this and another admin said ‘Alright everyone, all hands on deck – we’re gonna win this.’

2. What was the hardest flag to find? If you found it, how did you do it?

T - I think the mother’s maiden name at one point.

N - Yeah I like that one because it requires you to build a mental image of the figure you’re looking for and then build a connection of relationships. You’re uncertain a lot of times, especially when things are behind a paywall or you have incorrect information. It's not a perfect process and so you collect it all and then mix some inferences. You say ‘I think this could be the mom’ and then from there you have to say my assumption is this IS the mom. Let's look to other information about this new person and recursor to make those assumptions and eventually you find the correct answer. So piecing it all together is fun.

C - I’m getting this mental image of the mentalist or something (laughs). Sorta profiling going on here.

These guys really made themselves out to be the underdogs. Not once in all our live score updates on our twitter page did they make the top three – or even five – teams. This diverse group of college students maintained two communication channels for each volunTARGET throughout the contest, compiling every answer they could find in a neat chat box for all of them to share. In the last fifteen minutes of the contest they pulled out all their stops, submitted everything they had, and came out on top.

3. Did you learn a skill or tool that you’ll take with you after the contest?

T - We used one of those find your background check searches. Most of the time garbage content and usually when I’m doing actual investigations my technique is if I don’t have funding to unlock them I look at two or three different sites and if they give the same information it was good.

N - Some of these sites do the heavy lifting, or hard work, or dubious work of collecting tons and tons of public documents for you so you don’t have to search for yourself and they put it in one spot that is easily searchable. And so ethically what are they doing? Is it good or not? Either way it’s public records at the end of the day and they make it easy to search through. So using Ancestry for birthdates, marriage dates, things like that, and also using those other sites T mentioned you can build that family tree.

Overall, we had a truly wonderful time at CypherCon, and we want to thank everyone who made our OSINT-CTF possible. Shout out to our contestants, the Conference organizers –– we’re looking at you Michael Goetzman, our volunTARGETS and everyone else we interacted with this past weekend. We hope to see you all next year at CypherCon 2023!

65 views0 comments