OSINT Challenges CyCTF Quals 2024

Hello, this is SirReda (0xHunterr). I recently participated in CyCTF 2024 Quals, and today, we will walkthrough OSINT challenges.

First Challenge: Aerospace

Description: We are investigating the history of a nano-satellite project, Satellites usually are being observed by researchers/scientists via stations on earth. can you find out the last station has observed the satellite with a status “Good” , flag is the station name without spaces example flag: CyCTF{1337-Station}

Files provided with the challenge Data.txt File:

1 43728U 18096K 23081.21782463 .01925735 32332-2 20784-2 0 9995 2 43728 97.3099 175.2941 0008625 277.9511 82.0794 16.10744455241223

So our duty here is to find the station, to do that we must know more about that mini-satellite

from the observation logs provided in the challenge you can search and know what info it gives us, ChatGPT can be useful here.

ChatGPT response for “at what time this observation loged?”

using the NORD ID in a query with our best friend “google” to search for the satellite: 43728 norad id satellite , we got its name 3CAT1

going to https://network.satnogs.org/observations websites to see what observations there and using the name we got

no status good appear

from the challenge description, our goal is the “last” observation with the status “Good” playing filters we got:

so our flag is: CyCTF{766-Dunchurch}

Second Challenge: OhMyCell

Description: A Friend of mine is working at the Arab German Company in Cairo , he told me about his struggle to call his wife while he is at the office , i decided to make an investigation for the region to tell him where is the best spot he can go to have a good signal i mean i am a communication engineer after all , but looks like i need some help from a smart person like you. The flag is the cell id of the better cell he can be nearby to have a better signal and the radio Type, example format CyCTF{1337_CDMA}

Our mission is clear and the situation we are in is pretty simple first let’s find what company they meant and where it’s located. Searching Google with the same quote “the Arab German Company in Cairo” we got plenty

but the one that fits with the description is the “Arab German Company For License Plates S.A.E.” Since it’s near the Airport that answers the Struggle in phone calls and now it makes sense unlike the others

near the Airport

determining the longitude and latitude: (30.083411, 31.387606) now searching for a site that enables us to see what cell towers are available in a specific area I used OpenCelliD, you will notice some search filters like MCC, MNC…

Mobile Country Codes (MCC) are used in wireless telephone networks (GSM, CDMA, UMTS, etc.) checkout this https://www.mcc-mnc.com/

Using this info in OpenCelliD and locating the same place in its map and simulating the exact place (in front of Cairo AirPort) we reached:

after digging and trying the cells in this area we found our cell

the flag: CyCTF{16456_UMTS}

bro use Etisalat to call his wife

we reached the end of this writeup See you in the next ones (ان شاء الله) If you have any questions, You can reach me through my social accounts: Twitter(X) | Linkedin |Github |Facebook