First off, running python3 sherlock 0xDarkArmy
gives us hits on reddit, instagram and twitter, among others.
While nothing interesting was found on the twitter or instagram, there was a qr code posted on the reddit page, seen here
Scanning the qr code, we are directed to a .onion
site, openable in tor. see here
At a first look it seems like a static template page. However navigating to /robots.txt
we get half of the flag: darkctf{S0c1a1_D04k_
Opening up developer tools and going to the 'networks' tab, we can see that in the get request to the page, there is a custom HTTP header Flag:
under Date. This contains the second half of the flag: _w3b_051n7}
darkctf{S0c1a1_D04k_w3b_051n7}
I lost my phone while I was travelling back to home but I was able to get back my eNB ID, MCC and MNC could you help me catch the tower it was last found. Note: decimal value upto 1 digit
So firstly, after seeing what they have said about the eNB ID
, MCC
, and MNC
, I decided to look up what they meant, so :
eNB ID
: used to identify an EnodeB uniquely
MCC
: mobile country code
MNC
: mobile network code
You can distinguish which one is which by knowing that the MCC
and MNC
are both 3 digits so 81097
must be the eNB ID
We can use the MCC
and MNC
to find out that the cell tower is in the US, and that its provider is AT&T. Now we need to triangulate the cell tower so after a bit of googling I found a website called cellmapper.net, where you can specify the eNB ID
, MNC
and MCC
, so finally you get the latlong coordinates by clicking on the location, which are 32.8464489
and -24.554806.
Because we know that the briefing says the format is darkCTF{latitude, longtitude}
to 1 decimal place we know that the flag is DarkCTF{38.4, 24.5}
The rounding is very odd