Intel101 OSINT CTF Writeup

Here’s my writeup of the Intel101 OSINT CTF by Champlain College on CyberDefenders, including solutions (spoiler alert!). The challenges require collecting data from websites, including archived data in the Wayback Machine.

If you know of any other CTFs or challenges that provide good OSINT or CTI practice, please let me know!

Who is the Registrar for jameskainth.com?

I used the whois command to see it’s Namecheap.

You get a phone call from this number: 855–707–7328, they were previously known by another name?

I did a web search and saw that this number is for Spectrum, and one of the brands that became Spectrum was Time Warner Cable.

What is the Zoom meeting id of the British Prime Ministers Cabinet Meeting?

I searched “British Prime Ministers Cabinet Meeting zoom” and found https://grahamcluley.com/uk-cabinet-zoom-meeting/, which gives the ID as 539544323.

What Percentage of full-time degree-seeking freshmen from the fall of 2018 re-enrolled to Champlain in the fall of 2019?

I wasn’t able to find this online, so I requested a hint, which was to check ucan-network.org. I found https://ucan-network.org/champlain, but couldn’t find data from 2018–2019. I requested another hint, which was to look for old versions of the page. I facepalmed for not thinking of this, then used the Wayback Machine to find this capture which shows 82.5%.

Champlain College Has A Public Excel Sheet Listing Addresses Of Campus Locations Available on The Internet, what’s the SHA256 hash of the excel file?

I searched “Champlain college Campus Locations filetype:xls” and found https://my.champlain.edu/media/physical_addresses.xls. I downloaded it, then used the command shasum -a 256 to get the hash: c96ee03c4043c366c6f573bb1d194dec8f4c0c81150c60d310bc59d9e17a6906.

In 1998 specifically on February 12th, Champlain was planning on adding an exciting new building to its campus. Back then, it was called “The Information Commons”. Can you find a picture of what the inside would look like?

I did an image search for ‘Champlain college “Information Commons” 1998’ and didn’t immediately see what I needed. I looked at other search results and found pages with other images, but no renderings of the library’s interior. I requested a hint, which said to check if champlain.edu had been archived. I used the Wayback Machine to see the Feb 12, 1998 capture, which had a link to this page with renderings.

I downloaded the image of the interior, then used the command shasum -a 256 to get the hash: f4952b314eb15acf0eec79c954f83881c17d50d2b5922ee37e8fc5e5cd1aeac2.

One of Champlain College’s Cyber Security Faculty got a bachelor’s degree in arts from this Ohioan university. Who was the other faculty member who studied there?

I searched “Champlain College’s Cyber Security Faculty” and found https://www.champlain.edu/cybersecurity-and-digital-forensics/our-experts, but didn’t see any mentions of any Ohioan universities. I searched “cybersecurity faculty site:champlain.edu” and found https://www.champlain.edu/technology-degrees/computer-networking-and-information-security/faculty.

I opened each faculty member’s page and looked at the universities they had attended. Joe Eastman has a Bachelor of Arts from the University of Toledo. I searched ‘“University of Toledo” inurl:https://www.champlain.edu/academics/our-faculty/' and found only 1 other faculty member: Gary Baker.

The CTF didn’t accept this, so I requested a hint, which was to check other search engines. Searching ‘“University of Toledo” inurl:https://www.champlain.edu/academics/our-faculty/' in DuckDuckGo, Yandex, and Bing didn’t work, but searching ‘“University of Toledo” site:champlain.edu’ in them got a hit with DuckDuckGo: Todd Schroeder.

In 2019 UVM’s Ichthyology Class Had to Name their fish for class. Can you find out what the last person on the public roster named their fish?

I searched “2019 UVM’s Ichthyology Class” and found https://www.uvm.edu/rsenr/wfb232/, which included a link “Student fish names” to an Excel file studentfishnames2019.xls. The last fish name on the list is Saccopharyngiformes.

Can You Figure Out Which State This Picture Has Been Taken From?

I did a Google image search and didn’t get any exact matches. I checked EXIF data and didn’t see geographical metadata. I checked Yandex and Bing image search results and Bing found this photo of the same flying reptile from a different angle. The photo was taken at Dinosaur Land in Virginia.