darkCON CTF: The Return of Mr. X
This is the third OSNIT Challenge in a series from DarkCON CTF 2021, this my first ever first-blood! 😃
This might not make much sense out of context, but basically we were looking for somebody named lola’s boyfriend who was apparently missing. We are given this and we are supposed to look for him as well:
In the last challenge we were given the name of Lola’s boyfriend as Imag1nary_bf, we we look up people with that name using the sherlock tool we find:
Since the challenge description mentioned something about boards we start with Pinterest, and since lola’s name appears in the profile description we must be in the right place. We also find a link to a trello board.
On the trello board we find a link to a pastebin:
There is a PGP private key:
On the trello board it says that the target is in the key, when we decode it from base64 we find an onion link.
Go to the onion link and we get this very generic webpage, there is nothing in the source.
Checking out robots.txt, and we find a suspicious page.
We have found the mr x hitman page:
Checking the source we can see a file named flag which is a pgp encrypted message:
We use the key we found earlier on pastebin to decrypt this message, and guess that the password is TheInvisibleMan, which is his username/last name.
We now have the flag.
FIN 🥳