CyCTF Qualifications 2024 — OSINT Challenges
What is OSINT ?
Open source intelligence (OSINT) is the collection and analysis of data gathered from open sources (overt sources and publicly available information) to produce actionable intelligence.
The OSINT Challenges was 3 challenges, I solved 2
Let’s begin
Challenge 1: Aerospace
Description: We are investigating the history of a nano-satellite project, Satellites usually are being observed by researchers/scientists via stations on earth. can you find out the last station has observed the satellite with a status “Good” , flag is the station name without spaces example flag: CyCTF{1337-Station}
There is a txt file called data.txt that contains these information
1 43728U 18096K 23081.21782463 .01925735 32332-2 20784-2 0 9995
2 43728 97.3099 175.2941 0008625 277.9511 82.0794 16.10744455241223I didn’t understand what are these so I asked PentestGPT and this is the answer:
Line 1:
1 43728U 18096K 23081.21782463 .01925735 32332-2 20784-2 0 9995 1: Line number
43728: Satellite catalog number
U: Satellite classification (U for unclassified)
18096K: International Designator (launch year and launch number)
23081.21782463: Epoch (reference time)
.01925735: First time derivative of mean motion
32332-2: Second time derivative of mean motion and epoch
20784-2: Drag term
0: Ephemeris type (0 for secular)
9995: Element numberLine 2:
2 43728 97.3099 175.2941 0008625 277.9511 82.0794 16.10744455241223 2: Line number
43728: Satellite catalog number
97.3099: Inclination (degrees)
175.2941: Right ascension of the ascending node (degrees)
0008625: Eccentricity
277.9511: Argument of perigee (degrees)
82.0794: Mean anomaly (degrees)
16.10744455241223: Mean motion (revolutions per day)After that I understood
So after some searching I found this great website which is n2yo (https://www.n2yo.com/) n2yo.com is a website providing mainly satellite tracking Services. Thousands of objects can be tracked in real time.
In search bar I searched about 43728 to know the name of satellite
after searching it gave me that
So the satellite name is 3CAT-1
Now we want to know the last station has observed the satellite with a status “Good”
After searching for a website that give me all the stations I found this great webiste which is satnogs (https://satnogs.org/) Open Source global network of satellite ground-stations
So after browsing the website I go to https://network.satnogs.org/observations/ and search with 3CAT-1 and filter the results into the good one
So the last station that 3CAT-1 has observed is 766-Dunchurch
So the flag is CyCTF{766-Dunchurch}
Challenge 2: OhMyCell
Description: A Friend of mine is working at the Arab German Company in Cairo , he told me about his struggle to call his wife while he is at the office , i decided to make an investigation for the region to tell him where is the best spot he can go to have a good signal i mean i am a communication engineer after all , but looks like i need some help from a smart person like you. The flag is the cell id of the better cell he can be nearby to have a better signal and the radio Type, example format CyCTF{1337_CDMA}
First thing I did is to see Arab Germany Company on Google Maps and determine the longitude and latitude (30.082299603773468, 31.387315265955973)
After some searching there are two great websites which are
1. CellMapper (https://www.cellmapper.net/map*) CellMapper* is a crowd-sourced cellular tower and coverage mapping service.
2. OpenCelliD (https://opencellid.org/) OpenCelliD is the largest Open Database of Cell Towers & their locations.
I used OpenCelliD
First thing you should understand what are MCC, MNC, LAC, Cell ID and radio types ?
Mobile Country Code (MCC)
MCC: A three-digit number that identifies the country or region where the mobile network is located.Mobile Network Code (MNC)
MNC: A two or three-digit number that identifies the mobile network operator within a country.Location Area Code (LAC)
LAC: A three-digit number that identifies a geographical area covered by a set of base stations. It helps in determining the approximate location of a mobile device.Cell ID
Cell ID: A unique identifier for a specific cell tower within a Location Area. It helps in pinpointing the exact cell tower a device is connected to.Radio types: You can read this nice article
<https://rantcell.com/comparison-of-2g-3g-4g-5g.html>How to find MCC that is unique for every country and MNC that is unique for each Mobile Company ?
from this website (https://mcc-mnc.com/)
Come back again to OpenCelliD
After long searching I could reach to the best cell and radio type
So the flag is CyCTF{16456_UMTS}
If you want to learn OSINT and to solve CTFs on OSINT, see this post
https://t.me/CyberSecurityforall24/1320
If you reach to here so, thanks so much for reading.
My Linkedin account: https://www.linkedin.com/in/kerolos-ayman-19a569255
My channels on Telegram: