1337up CTF - Blink’s Secret

Hello Everyone. This is my another blog of solving another challenge of 1337up CTF hosted by Intigriti. My team TamilCTF has scored 10th in this CTF.

In this writeup we are gonna see an OSINT challenge Blink’s Secret. I am so happy to say that I got first blood for this challenge 😊. Also thanks for Paul for collaborating with me in this challenge.

Blink’s Secret Challenge

So, In this challenge, they have given a note.txt file and an image. Let’s see what’s in the note.txt file.

note.txt

So the note says we need to find someone’s social media account. They have given certain hints to find the account.

  • The username comprises of name and the zip-code of current residence
  • The username is 15 characters long.
  • We need to find the name of the blinking man in the image.
  • The format is Name_zipcode.
  • If the name is thomas mueller then write the name as ThomasMueller.

Let’s see what is in that image.

image of blinking man

It is the iconic blinking man meme. We need to find his real name.

So his name is Drew Scanlon. So the password will be DrewScanlon_*.** We need to find his pin-code of current residence. Let’s see his twitter account.

While taking a peek at his twitter account, we came to a conclusion that he lives in San Francisco, California. Let’s find the pin-code of San Francisco.

So the pincode is 941*. We need only the first three numbers since the username is 15 characters long. So the username will be **DrewScanlon_941.

After searching this username in almost all Social Media platforms, I found this account on twitter.

DrewScanlon_941

Well, the bio says it all. This account has only one tweet. Let’s take a look at that.

tweet

That’s a nice hint. In order to see those previous tweets, lets hop into the Wayback Machine.

wayback machine

Enter the url of that account and it will show the previous snapshots. We can see the old tweets (actually one tweet in this account 😁).

old tweet

That font looks a bit sus isn’t it? I will show you why. Go to https://holloway.nz/steg/ . It is a website to hide secret messages in a tweet. Let’s decrypt what’s in it.

flag

Well we got the flag 🚩.

Well that’s the end of this challenge. Hope you like the blog. If you do, make sure to clap and share to your hacker buddies and tech enthusiasts. Follow me on socials for more awesome content, links given below. Let’s see you in next blog until then PEACE OUT ✌️.